CVE-2017-10676
The CVE-2017-10676 entry concerns a cross-site scripting (XSS) vulnerability in D-Link DIR-600M devices, specifically in the form2userconfig.cgi endpoint’s username parameter. Affects firmware versions prior to C1_v3.05ENB01_beta_20170306. The root cause is an XSS flaw in handling the username in...