2025-07-23 04:11:51
synology
PUBLISHED
Improper neutralization of input during web page generation (Cross-site Scripting) vulnerability in VPN Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors.