Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-8915

Cross-site scripting (XSS) vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to inject arbitrary web script or HTML via title parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
Products affected by CVE-2018-8915
  • Synology » Calendar » Version: 1.0.0-0121
    cpe:2.3:a:synology:calendar:1.0.0-0121
  • Synology » Calendar » Version: 1.0.2-0131
    cpe:2.3:a:synology:calendar:1.0.2-0131
  • Synology » Calendar » Version: 1.0.3-0132
    cpe:2.3:a:synology:calendar:1.0.3-0132
  • Synology » Calendar » Version: 1.1.0-0146
    cpe:2.3:a:synology:calendar:1.1.0-0146
  • Synology » Calendar » Version: 2.0.0-0241
    cpe:2.3:a:synology:calendar:2.0.0-0241
  • Synology » Calendar » Version: 2.0.1-0242
    cpe:2.3:a:synology:calendar:2.0.1-0242
  • Synology » Calendar » Version: 2.1.0-0425
    cpe:2.3:a:synology:calendar:2.1.0-0425


Products
Pricing
Contact Us

Shodan ® - All rights reserved