CVE-2020-15895
D-Link DIR-816L devices (2.x) before 1.10b04Beta02 contain an XSS in webinc/js/info.php where the RESULT parameter is printed without output filtration. An attacker can inject arbitrary script in a victim’s browser, potentially enabling cookie-based credential theft and other browser-based attack...