Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.

User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.

The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.

The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.