Cross-Site Scripting Vulnerability in D-Link DIR-815 REV. B Product
CVE-2018-10108
6.1MEDIUM
What is CVE-2018-10108?
D-Link DIR-815 REV. B devices are susceptible to a Cross-Site Scripting (XSS) vulnerability. This issue arises from improper handling of the Treturn parameter in the /htdocs/webinc/js/bsc_sms_inbox.php file, potentially allowing an attacker to inject malicious scripts. Exploitation of this vulnerability could facilitate unauthorized access to sensitive user information, leading to significant security risks for affected users.