Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
2018-12-24T14:29:00.800
2024-11-21T04:14:36.080
Modified
CVSSv3.0: 6.5 (MEDIUM)
AV:N/AC:M/Au:S/C:N/I:P/A:N
6.8
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | synology | router_manager | < 1.1.7-6941 | Yes |