CVE-2017-15888 - AskarLabs CVE Database

CVE-2017-15888

Vendor Synology

Product Synology Audio Station

Weakness CWE-79 · XSS

Published October 30, 2017

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Cross-site scripting (XSS) vulnerability in Custom Internet Radio List in Synology Audio Station before 6.3.0-3260 allows remote authenticated attackers to inject arbitrary web script or HTML via the NAME parameter.

Key dates

02Disclosure timeline

October 30, 2017 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-15888 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-0618 Fluent Forms <= 5.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via imported form title CVE-2026-5630 assafelovic gpt-researcher Report API app.py cross site scripting CVE-2024-13399 Gosign – Posts Slider Block <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2021-36027 Magento Commerce Stored Cross-site Scripting Vulnerability CVE-2024-13183 Orbit Fox by ThemeIsle <= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag Parameter