14 matches found
CVE-2021-45905
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen...
CVE-2021-45905
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen...
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen...
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen...
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen...
CVE-2021-45905
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen...
CVE-2021-45905
Concretely, CVE-2021-45905 affects OpenWrt 21.02.1 and is an XSS in the Traffic Rules Name screen caused by insufficient input filtering/escaping. The vulnerability has a demonstrated impact on confidentiality/integrity via client-side script injection, with CVSS values (2.0: 3.5/LOW; 3.1: 5.4/ME...
CVE-2021-45906
OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen...
CVE-2021-45906
OpenWrt 21.02.1 is affected by a cross-site scripting (XSS) vulnerability in the NAT Rules Name screen of the LuCI web interface. The underlying issue is insufficient input filtering/escaping for user-supplied parameters in that screen. Exploitation could occur remotely via the web UI, with user ...
OpenWrt 跨站脚本漏洞
OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the Traffic Rules Name screen. No detailed vulnerability details...
OpenWrt 跨站脚本漏洞
OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the NAT Rules Name screen. No detailed vulnerability details are...
PT-2021-6850 · Openwrt · Openwrt
Name of the Vulnerable Software and Affected Versions: OpenWrt version 21.02.1 Description: The issue exists due to a lack of protection for the web page structure in the OpenWrt embedded operating system. This can be exploited by a remote attacker to impact the confidentiality and integrity of...
OpenWrt 跨站脚本漏洞
OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in version 21.02.1, which stems from a lack of effective filtering and escaping of user-submitted parameters in the Port Forwards Add Name screen. No detailed vulnerability details are...
PT-2021-6033 · Luci +1 · Luci +1
Name of the Vulnerable Software and Affected Versions: OpenWrt version 21.02.1 Description: The issue is related to a lack of protection for the web page structure in the NAT Rules Name screen of the LuCI configuration web interface in OpenWrt. This can be exploited by a remote attacker to perfor...