2 matches found
CVE-2014-9020
Cross-site scripting XSS vulnerability in the Quick Stats page psilan.cgi in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected...
CVE-2014-9020
CVE-2014-9020 is an XSS vulnerability affecting ZTE ZXDSL 831 and 831CII devices in the Quick Stats page (psilan.cgi). The vulnerability arises from insufficient input validation on the domainname parameter in the save action, allowing remote attackers to inject arbitrary web script or HTML. This...