G-Rubert

**Name of the Vulnerable Software and Affected Versions** D-Link DSL-2730E CT-20131125 **Description** The issue allows for cross-site scripting (XSS) attacks via the `username` parameter to the password page in the maintenance configuration. This is due to a lack of protection measures for the web page structure, which can be exploited by a remote attacker to conduct an XSS attack. **Recommendations** For D-Link DSL-2730E CT-20131125 devices, as a temporary workaround, consider restricting access to the password page in the maintenance configuration to minimize the risk of exploitation. Avoid using the `username` parameter in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.