3Com OfficeConnect Secure Router Tk Parameter Cross Site Scripting Vulnerability

3Com OfficeConnect Secure Router Tk Parameter Cross Site Scripting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URI is available:

http://example.com/cgi-bin/admin?page=1&tk=>[xss]