CVE-2017-8125

Description

The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.

Affected products

• Huawei Technologies Co., Ltd. / UMAV200R001 and V300R001 – V200R001 and V300R001

References

• VENDOR_ADVISORYhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en