CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-9104

Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2015-9104

Synology » Audio Station » Version: 5.1-2541

cpe:2.3:a:synology:audio_station:5.1-2541
Synology » Audio Station » Version: 5.1-2542

cpe:2.3:a:synology:audio_station:5.1-2542
Synology » Audio Station » Version: 5.1-2547

cpe:2.3:a:synology:audio_station:5.1-2547
Synology » Audio Station » Version: 5.1-2549

cpe:2.3:a:synology:audio_station:5.1-2549
Synology » Audio Station » Version: 5.4-2852

cpe:2.3:a:synology:audio_station:5.4-2852
Synology » Audio Station » Version: 5.4-2853

cpe:2.3:a:synology:audio_station:5.4-2853
Synology » Audio Station » Version: 5.4-2855

cpe:2.3:a:synology:audio_station:5.4-2855

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-9104

Products

Pricing

Contact Us