CVE-2024-53285

CVSS V2 None CVSS V3 None
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors.
Overview
  • CVE ID
  • CVE-2024-53285
  • Assigner
  • synology
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-09T03:38:44.332Z
  • Last Modified Date
  • 2024-12-09T03:38:44.332Z
References
Reference URL Reference Tags
https://www.synology.com/en-global/security/advisory/Synology_SA_24_09 vendor-advisory
History
Created Old Value New Value Data Type Notes
2024-12-09 13:19:10 Added to TrackCVE