CVE-2018-13310
TOTOLINK A3002RU (firmware version 1.0.8) is affected by CVE-2018-13310. The vulnerability is a cross-site scripting flaw in the password.htm page that allows an attacker to cause arbitrary JavaScript execution via the user’s username. Multiple connected sources (NVD entry and CNVD-2018-24105) co...