Vulnerability Details CVE-2019-11828
Cross-site scripting (XSS) vulnerability in Chart in Synology Office before 3.1.4-2771 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 3.5
References
Products affected by CVE-2019-11828
-
cpe:2.3:a:synology:office:1.0-0229
-
cpe:2.3:a:synology:office:1.1.1-0240
-
cpe:2.3:a:synology:office:1.1.2-0331
-
cpe:2.3:a:synology:office:1.1.3-0338
-
cpe:2.3:a:synology:office:1.1.4-0343
-
cpe:2.3:a:synology:office:2.0.1-1076
-
cpe:2.3:a:synology:office:2.1.0-1258
-
cpe:2.3:a:synology:office:2.1.0-1259
-
cpe:2.3:a:synology:office:2.1.2-1263
-
cpe:2.3:a:synology:office:2.1.3-1273
-
cpe:2.3:a:synology:office:2.2.0-1502
-
cpe:2.3:a:synology:office:2.2.1-1506
-
cpe:2.3:a:synology:office:2.2.2-1508
-
cpe:2.3:a:synology:office:2.2.3-1513
-
cpe:2.3:a:synology:office:3.0.0-2112
-
cpe:2.3:a:synology:office:3.0.1-2123
-
cpe:2.3:a:synology:office:3.0.2-2135
-
cpe:2.3:a:synology:office:3.0.3-2143
-
cpe:2.3:a:synology:office:3.0.4-2148
-
cpe:2.3:a:synology:office:3.1.0-2737
-
cpe:2.3:a:synology:office:3.1.1-2750
-
cpe:2.3:a:synology:office:3.1.2-2757
-
cpe:2.3:a:synology:office:3.1.3-2765