exploitDog

GHSA-99x8-9r3q-x8jw

Опубликовано: 29 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors.

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors.

Ссылки

EPSS

Процентиль: 17%

0.00055

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-13987

CVSS3: 5.9

nvd

5 месяцев назад

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors.

EPSS

Процентиль: 17%

0.00055

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-79