OpenCVE

Filtered by vendor Synology Subscriptions

Filtered by product Chat Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-15892	1 Synology	1 Chat	2024-11-21	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat before 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
CVE-2017-15886	1 Synology	1 Chat	2024-11-21	N/A
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
CVE-2017-11148	1 Synology	1 Chat	2024-11-21	N/A
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.

Page 1 of 1.