GHSA-32xh-xfmp-f6p6MediumCVSS 5.4
Improper neutralization of input during web page generation ('Cross-site Scripting')...
🔗 CVE IDs covered (1)
📋 Description
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users to read or write specific files containing non-sensitive information via unspecified vectors.