CVE-2022-41435
OpenWrt LuCI is affected by a stored XSS in the /system/sshkeys.js component of version git-22.140.66206-02913be. The vulnerability allows an attacker to execute arbitrary web scripts or HTML via crafted public key comments, with exploitation focusing on the LuCI Web UI. Root cause appears to be ...