Synology-SA-23:09 Mail Station

Publish Time: 2023-06-27 17:43:29 UTC+8

Last Updated: 2023-06-27 17:44:58 UTC+8

Severity
Critical
Status
Resolved

Abstract

Multiple vulnerabilities allow remote attackers to potentially inject SQL commands and inject arbitrary web scripts or HTML via a susceptible version of Mail Station.

Affected Products

Product Severity Fixed Release Availability
Mail Station for DSM 7.2 Critical Upgrade to 20230626-20322 or above.
Mail Station for DSM 7.1 Critical Upgrade to 20230626-10322 or above.
Mail Station for DSM 7.0 Critical Upgrade to 20230626-10322 or above.
Mail Station for DSM 6.2 Critical Upgrade to 20230626-0322 or above.

Mitigation

None

Detail

Reserved

Revision

Revision Date Description
1 2023-06-27 Initial public release.