CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8911

Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 3.5

References

Products affected by CVE-2018-8911

Synology » Note Station » Version: 1.0-0069

cpe:2.3:a:synology:note_station:1.0-0069
Synology » Note Station » Version: 1.0-0074

cpe:2.3:a:synology:note_station:1.0-0074
Synology » Note Station » Version: 1.1-0205

cpe:2.3:a:synology:note_station:1.1-0205
Synology » Note Station » Version: 1.1-0207

cpe:2.3:a:synology:note_station:1.1-0207
Synology » Note Station » Version: 1.1-0211

cpe:2.3:a:synology:note_station:1.1-0211
Synology » Note Station » Version: 1.1-0212

cpe:2.3:a:synology:note_station:1.1-0212
Synology » Note Station » Version: 1.1-0214

cpe:2.3:a:synology:note_station:1.1-0214
Synology » Note Station » Version: 1.1-0215

cpe:2.3:a:synology:note_station:1.1-0215
Synology » Note Station » Version: 2.0-0513

cpe:2.3:a:synology:note_station:2.0-0513
Synology » Note Station » Version: 2.1.0-0528

cpe:2.3:a:synology:note_station:2.1.0-0528
Synology » Note Station » Version: 2.2.0-0538

cpe:2.3:a:synology:note_station:2.2.0-0538
Synology » Note Station » Version: 2.3.0-0547

cpe:2.3:a:synology:note_station:2.3.0-0547
Synology » Note Station » Version: 2.4.0-0615

cpe:2.3:a:synology:note_station:2.4.0-0615
Synology » Note Station » Version: 2.4.1-0619

cpe:2.3:a:synology:note_station:2.4.1-0619
Synology » Note Station » Version: 2.4.2-0629

cpe:2.3:a:synology:note_station:2.4.2-0629
Synology » Note Station » Version: 2.4.3-0810

cpe:2.3:a:synology:note_station:2.4.3-0810
Synology » Note Station » Version: 2.4.4-0822

cpe:2.3:a:synology:note_station:2.4.4-0822
Synology » Note Station » Version: 2.4.5-0824

cpe:2.3:a:synology:note_station:2.4.5-0824
Synology » Note Station » Version: 2.4.6-0827

cpe:2.3:a:synology:note_station:2.4.6-0827
Synology » Note Station » Version: 2.5.0-0839

cpe:2.3:a:synology:note_station:2.5.0-0839

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8911

Products

Pricing

Contact Us