CVE-2019-13374
06.07.2019, 23:15
A cross-site scripting (XSS) vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter.
Vendor | Product | Version |
---|---|---|
dlink | central_wifimanager | 1.03 |
𝑥
= Vulnerable software versions
References