Cross-Site Scripting Vulnerability in Linksys EA6500 Router

CVE-2013-3065

Summary

A cross-site scripting vulnerability exists in the Parental Controls section of the Linksys EA6500 router. This flaw allows remote authenticated users to inject arbitrary web scripts or HTML into the user interface. Specifically, the vulnerability is found in the Blocked Specific Sites section, where careful manipulation of inputs can lead to a successful attack. By exploiting this vulnerability, attackers may deliver malicious scripts that can compromise user data and router security.

References