CVE-2012-1556 – Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2012-1556

12 Sep 2014 — Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php. Vulnerabilidad de XSS en Synology Photo Station 5 para DiskStation Manager (DSM) 3.2-1955 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro name en photo/photo_one.php. • https://www.exploit-db.com/exploits/36944 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •