Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to hijack the authentication of administrators via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Synology Calendar 跨站请求伪造漏洞
Vulnerability Description
Synology Calendar是中国台湾群晖科技(Synology)公司的一款运行在Synology NAS(网络存储服务器)设备上的文件保护程序。 Synology Calendar 2.3.4-0631之前版本存在跨站请求伪造漏洞,该漏洞源于 webapi 组件存在跨站请求伪造漏洞。
CVSS Information
N/A
Vulnerability Type
N/A