CVE-2018-6528
CVE-2018-6528 refers to an XSS flaw in D-Link DIR-860L/865L/868L routers (bsc_sms_send.php) that allows a remote attacker to read cookies via a crafted receiver parameter to soap.cgi. Root cause: improper input validation in htdocs/webinc/body/bsc_sms_send.php. Affected firmware versions include ...