LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID.
References
Link | Resource |
---|---|
https://openwrt.org/advisory/2019-11-05-1 | Exploit Patch Vendor Advisory |
https://github.com/openwrt/luci/commit/bc17ef673f734ea8e7e696ba5735588da9111dcd | Patch Third Party Advisory |
Configurations
Information
Published : 2021-01-26 10:15
Updated : 2021-01-29 07:27
NVD link : CVE-2019-25015
Mitre link : CVE-2019-25015
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
openwrt
- openwrt