GHSA-3m6f-2h66-fxv5
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker javascript execution in the context of the victim's browser.
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: August 2, 2025 6:46 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.