There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.

Related CVEs

CVE-2023-41781

Key Information

GHSA ID

GHSA-3v7c-v9wf-3c7v

Published

January 10, 2024 9:30 AM

Last Modified

January 17, 2024 3:30 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.