PT-2021-20468 · Synology · Photo Station

Tony Martin

Published

2021-10-01

Updated

2021-10-04

CVE-2021-34354

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Photo Station versions prior to 6.0.18

Description: A cross-site scripting (XSS) issue has been reported, allowing remote attackers to inject malicious code.

Recommendations: For versions prior to 6.0.18, update to Photo Station 6.0.18 or later to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2021-34354

Photo Station