XSS in Tp-link Tl-wr841n

CVE-2012-6316

Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (48.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

56602 (vdb-entry, x_refsource_BID)
20121207 TP-LINK TL-WR841N XSS (Cross Site Scripting) (mailing-list, x_refsource_FULLDISC)