CVE-2025-13167 | Synology Contacts prior 1.0.10-20659 contact cross site scripting (SA_25_13)

A vulnerability was found in Synology Contacts. It has been rated as problematic. This affects the function Contact. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-13167. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More