4 matches found
CVE-2021-33425
A stored cross-site scripting XSS vulnerability was discovered in the Web Interface for OpenWRT LuCI version 19.07 which allows attackers to inject arbitrary Javascript in the OpenWRT Hostname via the Hostname Change operation...
OpenWRT < 19.07.8 Multiple Vulnerabilities
OpenWRT is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-33425
A stored cross-site scripting XSS vulnerability was discovered in the Web Interface for OpenWRT LuCI version 19.07 which allows attackers to inject arbitrary Javascript in the OpenWRT Hostname via the Hostname Change operation...
CVE-2021-33425
CVE-2021-33425 is a stored XSS in OpenWrt LuCI web interface (hostname change) affecting LuCI 19.07 series (19.07.0–19.07.7). The root cause is improper handling of the UCI hostname content in LuCI templates, allowing arbitrary JavaScript to be injected into the hostname field and reflected in th...