CVE-2021-41391

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt