CVE-2014-10028 Information

Description

Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi when res_config_id is set to 41.

Reference

http://seclists.org/fulldisclosure/2014/Nov/100 http://websecurity.com.ua/7215/