CVE-2021-32536

The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt