CVE-2018-17989
CVE-2018-17989 affects D-Link DSL-3782 devices (firmware 1.01). A stored XSS vulnerability exists in the device’s web interface, allowing an authenticated attacker to inject a JavaScript/HTML payload into the ACL page. The payload executes when the browser requests "/cgi-bin/New_GUI/Acl.asp". Acc...