Improper Input Validation
CVE-2023-41781
Summary
There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.
- LOW
- ADJACENT_NETWORK
- LOW
- UNCHANGED
- NONE
- HIGH
- HIGH
- LOW
CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
References
Advisory Timeline
- Published
