0.001 Low
EPSS
Percentile
35.3%
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI.
bugs.openwrt.org/index.php?do=details&task_id=1974