Required CVE Record Information
Description
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
References 4 Total
- exploit-db.com: 45533 exploit
- https://www.secureauth.com/labs/advisories/d-link-central-wifimanager-software-controller-multiple-vulnerabilities
- seclists.org: 20181004 [CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple mailing-list
- https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10092
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- exploit-db.com: 45533 exploitx_transferred
- https://www.secureauth.com/labs/advisories/d-link-central-wifimanager-software-controller-multiple-vulnerabilities x_transferred
- seclists.org: 20181004 [CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple mailing-listx_transferred
- https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10092 x_transferred