CVE-2021-41391

Publication date

2021-09-17 20:56:21

Family

mitre

State

PUBLISHED

Description

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.