CVE-2018-19630
The vulnerability CVE-2018-19630 affects OpenWrt up to 18.06.1 and LEDE up to 17.01, where the uhttpd component’s cgi_handle_request is vulnerable to unauthenticated reflected XSS via the request URI (demonstrated with cgi-bin/?[XSS]). The issue is triggered by crafted URI input and allows a refl...