CVE-2019-13374

A cross-site scripting (XSS) vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter.
Configurations

Configuration 1


Information

Published : 2019-07-06 11:15

Updated : 2019-07-09 08:16


NVD link : CVE-2019-13374

Mitre link : CVE-2019-13374

Products Affected
CWE