Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
Mon, 01 Sep 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors. | Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors. |
Sun, 31 Aug 2025 08:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Synology
Synology radius Server |
|
Vendors & Products |
Synology
Synology radius Server |
Fri, 29 Aug 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 29 Aug 2025 07:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors. | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: synology
Published:
Updated: 2025-09-01T01:34:03.271Z
Reserved: 2025-08-29T06:25:30.790Z
Link: CVE-2024-13987

Updated: 2025-08-29T16:24:00.441Z

Status : Awaiting Analysis
Published: 2025-08-29T08:15:31.050
Modified: 2025-09-01T02:15:40.770
Link: CVE-2024-13987

No data.

Updated: 2025-08-31T08:41:38Z