Lorenzo Di Fuccia

**Name of the Vulnerable Software and Affected Versions** Routers2 version 2.24 **Description** A Cross-Site Scripting (XSS) issue was discovered, affecting the `rtr` GET parameter in a "page=graph" action to the "cgi-bin/routers2.pl" endpoint. **Recommendations** For Routers2 version 2.24, consider restricting access to the vulnerable `cgi-bin/routers2.pl` endpoint until a patch is available. As a temporary workaround, avoid using the `rtr` parameter in the affected endpoint to minimize the risk of exploitation.