2 matches found
CVE-2021-41390
Ericsson ECM prior to 18.0 contains a CSV injection vulnerability in the Security Provider Endpoint of the User Profile Management section (CVE-2021-41390). The issue is documented across multiple sources (NVD, Red Hat advisory, CVE list, CNNVD). The provided materials consistently describe the a...
CVE-2021-41391
CVE-2021-41391 affects Ericsson ECM prior to 18.0. The Security Management Endpoint in the User Profile Management section is vulnerable to stored XSS via a name, enabling session hijacking and potential full account takeover. This vulnerability is documented across multiple sources (NVD entry wi...