The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.Referenceshttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en
