Loading HuntDB...

GHSA-3m6f-2h66-fxv5

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker javascript execution in the context of the victim's browser.

Related CVEs

Key Information

GHSA ID
GHSA-3m6f-2h66-fxv5
Published
December 10, 2021 12:00 AM
Last Modified
December 14, 2021 12:01 AM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.