2021-06-18 09:55:13
twcert
PUBLISHED
The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks.