CVE-2015-5992

The CVE-2015-5992 entry concerns Cross-Site Scripting (XSS) in the form2WlanSetup.cgi page of PLDT SpeedSurf 504AN (firmware GAN9.8U26-4-TX-R6B018-PH.EN) and Kasda KW58293 devices. The vulnerability arises from insufficient filtering of the ssid parameter, enabling a remote attacker to inject arb...