CVE-2014-3761 Information

Description

Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/URL-filter section.

Reference

http://seclists.org/fulldisclosure/2014/Apr/246 http://websecurity.com.ua/7112