CVE-2018-16605

D-Link DIR-600M devices allow XSS via the Hostname and Username fields in the Dynamic DNS Configuration page.