Name of the Vulnerable Software and Affected Versions:

Synology RADIUS Server versions prior to 3.0.27-0139

Description:

The application contains a cross-site scripting (XSS) issue. Remote authenticated users with administrator privileges can read or write limited files in SRM and conduct limited denial-of-service attacks.

Recommendations:

Update Synology RADIUS Server to version 3.0.27-0139 or later.