There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system.

This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser session.