Photo Station 6.3-2953

Publish Time: 2015-07-01 00:00:00 UTC+8

Last Updated: UTC+8

Severity
Security.impact_level_
Status
Resolved

Description

Photo Station version 6.3-2953 includes the security fixes to address the following security vulnerabilities:

  • One vulnerability that allows an attacker to execute cross-site scripting (XSS) attacks to obtain user’s private data (e.g. stealing session token).
  • The other vulnerability that could compromise user’s information because HTTP connections might not be redirected correctly to HTTPS connections in Photo Station blog.

Resolution

To fix the security issues, please go to DSM > Package Center, install the latest version 6.3-2953 of Photo Station package to protect DiskStation from malicious attacks.

Note

For the following models, please go to DSM > Package Center, install the latest version 6.0-2636 of Photo Station package to protect DiskStation from malicious attacks: DS109, DS209, DS409, DS409slim, DS109+, DS209+, DS209+II, DS409+, DS509+, RS409(RP)+.