CVE-2018-20372

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client.