Headline
CVE-2023-24182: luci-mod-system: fix potential stored XSS · openwrt/luci@0186d7e
LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
@@ -204,7 +204,7 @@ function removeKey(ev) {
L.showModal(_(‘Delete key’), [ E('div’, _(‘Do you really want to delete the following SSH key?’)), E('pre’, delkey), E('pre’, [ delkey ]), E('div’, { class: ‘right’ }, [ E('div’, { class: 'btn’, click: L.hideModal }, _(‘Cancel’)), ' ',