A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request.
CPE | Name | Operator | Version |
---|---|---|---|
dsl-2680_firmware | eq | 1.03 |