Vulnerabilities > Openwrt > Lede > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-28 CVE-2018-19630 Cross-site Scripting vulnerability in Openwrt Lede and Openwrt
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI.
network
low complexity
openwrt CWE-79
6.1