CVE-2026-61875 - luci-app-upnp Stored XSS via UPnP Port Mapping Description
CVE ID :CVE-2026-61875 Published : July 12, 2026, 12:16 p.m. | 16 minutes ago Description :luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated LAN clients to inject JavaScript via UPnP IGD AddPortMapping SOAP requests. Attackers can send malicious...