CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16771

Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2017-16771

Synology » Photo Station » Version: 6.3

cpe:2.3:a:synology:photo_station:6.3
Synology » Photo Station » Version: 6.3-2944

cpe:2.3:a:synology:photo_station:6.3-2944
Synology » Photo Station » Version: 6.3-2958

cpe:2.3:a:synology:photo_station:6.3-2958
Synology » Photo Station » Version: 6.3-2960

cpe:2.3:a:synology:photo_station:6.3-2960
Synology » Photo Station » Version: 6.3-2962

cpe:2.3:a:synology:photo_station:6.3-2962
Synology » Photo Station » Version: 6.3-2963

cpe:2.3:a:synology:photo_station:6.3-2963
Synology » Photo Station » Version: 6.3-2964

cpe:2.3:a:synology:photo_station:6.3-2964
Synology » Photo Station » Version: 6.3-2965

cpe:2.3:a:synology:photo_station:6.3-2965
Synology » Photo Station » Version: 6.3-2967

cpe:2.3:a:synology:photo_station:6.3-2967
Synology » Photo Station » Version: 6.3-2968

cpe:2.3:a:synology:photo_station:6.3-2968
Synology » Photo Station » Version: 6.3-2970

cpe:2.3:a:synology:photo_station:6.3-2970
Synology » Photo Station » Version: 6.8

cpe:2.3:a:synology:photo_station:6.8
Synology » Photo Station » Version: 6.8.0-3456

cpe:2.3:a:synology:photo_station:6.8.0-3456
Synology » Photo Station » Version: 6.8.1-3458

cpe:2.3:a:synology:photo_station:6.8.1-3458
Synology » Photo Station » Version: 6.8.2-3461

cpe:2.3:a:synology:photo_station:6.8.2-3461

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16771

Products

Pricing

Contact Us