Cross-Site Scripting Vulnerability in TOTOLINK A3002R Router
CVE-2021-34223
6.1MEDIUM
What is CVE-2021-34223?
A Cross-Site Scripting vulnerability exists in the 'urlfilter.htm' file of the TOTOLINK A3002R router, specifically in version V1.1.1-B20200824. This flaw allows attackers to inject and execute arbitrary JavaScript code by manipulating the 'URL Address' field. Thus, malicious actors can exploit this vulnerability to potentially execute harmful scripts in the context of the victim's browser, leading to unauthorized actions or data theft.