Synology-SA-19:04 Calendar

Publish Time: 2019-01-15 15:37:50 UTC+8

Last Updated: 2019-01-15 15:37:50 UTC+8

Severity
Moderate
Status
Resolved

Abstract

A vulnerability allows remote authenticated users to inject arbitrary web script or HTML via a susceptible version of Calendar.

Affected Products

Product Severity Fixed Release Availability
Calendar 2.3 Moderate Upgrade to 2.3.0-0615 or above.

Mitigation

None

Detail

Reserved

Revision

Revision Date Description
1 2019-01-15 Initial public release.