CVE-2023-41781

Description

There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-41781
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.8

zte.com
CVE ID: CVE-2023-41781
Base Score: 5.7
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Impact Score: 4.7
Exploitability Score: 0.9

Refrence: NVD MITRE

Description​

Description