{"uuid": "eae7e2fc-14f4-405c-b765-588aff288a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16774", "type": "seen", "source": "https://t.me/cibsecurity/3460", "content": "ATENTION\u203c New - CVE-2017-16774\n\nCross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-04-01T18:32:07.000000Z"}