CVE-2021-21746
The CVE-2021-21746 entry concerns the ZTE MF971R mobile router, where a reflective Cross-Site Scripting (XSS) vulnerability exists in the device’s web application/API layer. The issue enables an attacker to reflect user-supplied input via certain web API endpoints, leading to arbitrary JavaScript...