CVE-2018-6355

CVE: CVE-2018-6355
Published: 2018-01-30T17:29Z
Vendor: iball
Products: ib-wrb302n_firmware
Versions: 1.0.1-sep_8_2017,
Description Language: en
Description: /goform/setLang on iBall 300M devices with “iB-WRB302N_1.0.1-Sep 8 2017” firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
References:
https://gist.github.com/MayurUdiniya/597169f582e506b610beb4e84fd8c8fc