CVE-2018-10326

Name of the Vulnerable Software and Affected Versions: PrinterOn Enterprise version 4.1.3

Description: The issue concerns multiple authenticated stored XSS vulnerabilities. These vulnerabilities can be exploited via the department field in the printer configuration, the description field in the print server configuration, and the username field for authentication to print as guest.

Recommendations: For PrinterOn Enterprise version 4.1.3, update the software to a version that includes fixes for these vulnerabilities. As a temporary workaround, consider restricting access to the department field in the printer configuration, the description field in the print server configuration, and the username field for guest printing until a patch is available. Avoid using these fields in a way that could introduce malicious scripts.