### Sonoff TH Module Vuln #xss
[](https://images.seebug.org/1583428826027-w331s)
_**Device Dimensions**_

Shodan indexed:
[](https://images.seebug.org/1583428838663-w331s)
**_Home web page of the device:_**
[](https://images.seebug.org/1583428846320-w331s)
**The "Friendly name1" input is vulnerable to persistent XSS**
Path: http://<host>/co
[](https://images.seebug.org/1583428851081-w331s)
XSS payload:
`x<img/src=x onerror(666)>`
[](https://images.seebug.org/1583428854710-w331s)
Models tested/vulnerable:
TH 10 / TH 16 Firmware 6.6.0.21
Regards,
[@Capitan_Alfa](https://twitter.com/capitan_Alfa)
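
A defensive counterpart to the finding above, as an added example that is not part of the original advisory or of the device firmware: HTML-encoding a stored name before it is written into a page, so the value saved in "Friendly name1" is displayed as text. The function names, buffer sizes and the `<h3>` wrapper are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Entity for a character that is unsafe in HTML text or attributes, else NULL. */
static const char *html_entity(char c)
{
    switch (c) {
    case '&':  return "&amp;";
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '"':  return "&quot;";
    case '\'': return "&#39;";
    default:   return NULL;
    }
}

/* Escape src into dst (cap bytes including NUL). Returns the escaped length,
 * or -1 if it does not fit; dst is then emptied so no partial markup is sent. */
int html_escape(char *dst, size_t cap, const char *src)
{
    size_t out = 0;
    if (cap == 0) return -1;
    for (; *src; src++) {
        const char *ent = html_entity(*src);
        size_t n = ent ? strlen(ent) : 1;
        if (out + n >= cap) { dst[0] = '\0'; return -1; }
        memcpy(dst + out, ent ? ent : src, n);
        out += n;
    }
    dst[out] = '\0';
    return (int)out;
}

/* Hypothetical fragment that prints the stored name; fails instead of truncating. */
int render_name_heading(char *page, size_t cap, const char *stored_name)
{
    char safe[128];
    if (html_escape(safe, sizeof safe, stored_name) < 0) return -1;
    int n = snprintf(page, cap, "<h3>%s</h3>", safe);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void)
{
    char page[256];
    /* Payload string quoted in the advisory, treated as the stored value. */
    if (render_name_heading(page, sizeof page, "x<img/src=x onerror(666)>") > 0)
        puts(page);
    return 0;
}
```

Encoding at output time covers values that were already stored before any input validation was added.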