Cross Site Scripting Vulnerability in ZyXEL ZyWALL 2 Plus Security Appliance

CVE-2021-46387

Summary

The ZyXEL ZyWALL 2 Plus Internet Security Appliance is susceptible to a Cross Site Scripting (XSS) vulnerability due to improper handling of URIs. This flaw allows attackers to bypass security restrictions, enabling them to inject and execute arbitrary JavaScript code. Such exploitation can lead to severe consequences, including clipboard hijacking, session hijacking, and unauthorized access to sensitive user information. Effective remediation is imperative to safeguard the integrity of network communications.

References