Synology-SA-23:09 Mail Station

Publish Time: 2023-06-27 17:43:29 UTC+8

Last Updated: 2023-06-27 17:44:58 UTC+8

Severity: Critical

Status: Resolved

Abstract

Multiple vulnerabilities allow remote attackers to potentially inject SQL commands and inject arbitrary web scripts or HTML via a susceptible version of Mail Station.

Affected Products

Product	Severity	Fixed Release Availability
Mail Station for DSM 7.2	Critical	Upgrade to 20230626-20322 or above.
Mail Station for DSM 7.1	Critical	Upgrade to 20230626-10322 or above.
Mail Station for DSM 7.0	Critical	Upgrade to 20230626-10322 or above.
Mail Station for DSM 6.2	Critical	Upgrade to 20230626-0322 or above.

Mitigation

None

Detail

Reserved

Revision

Revision	Date	Description
1	2023-06-27	Initial public release.