Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-8924

Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
Products affected by CVE-2018-8924
  • Synology » Office » Version: 1.0-0229
    cpe:2.3:a:synology:office:1.0-0229
  • Synology » Office » Version: 1.1.1-0240
    cpe:2.3:a:synology:office:1.1.1-0240
  • Synology » Office » Version: 1.1.2-0331
    cpe:2.3:a:synology:office:1.1.2-0331
  • Synology » Office » Version: 1.1.3-0338
    cpe:2.3:a:synology:office:1.1.3-0338
  • Synology » Office » Version: 1.1.4-0343
    cpe:2.3:a:synology:office:1.1.4-0343
  • Synology » Office » Version: 2.0.1-1076
    cpe:2.3:a:synology:office:2.0.1-1076
  • Synology » Office » Version: 2.1.0-1258
    cpe:2.3:a:synology:office:2.1.0-1258
  • Synology » Office » Version: 2.1.0-1259
    cpe:2.3:a:synology:office:2.1.0-1259
  • Synology » Office » Version: 2.1.2-1263
    cpe:2.3:a:synology:office:2.1.2-1263
  • Synology » Office » Version: 2.1.3-1273
    cpe:2.3:a:synology:office:2.1.3-1273
  • Synology » Office » Version: 2.2.0-1502
    cpe:2.3:a:synology:office:2.2.0-1502
  • Synology » Office » Version: 2.2.1-1506
    cpe:2.3:a:synology:office:2.2.1-1506
  • Synology » Office » Version: 2.2.2-1508
    cpe:2.3:a:synology:office:2.2.2-1508
  • Synology » Office » Version: 2.2.3-1513
    cpe:2.3:a:synology:office:2.2.3-1513
  • Synology » Office » Version: 3.0.0-2112
    cpe:2.3:a:synology:office:3.0.0-2112
  • Synology » Office » Version: 3.0.1-2123
    cpe:2.3:a:synology:office:3.0.1-2123
  • Synology » Office » Version: 3.0.2-2135
    cpe:2.3:a:synology:office:3.0.2-2135


Products
Pricing
Contact Us

Shodan ® - All rights reserved