CVE-2015-1056

Name of the Vulnerable Software and Affected Versions Brother MFC-J4410DW printer with firmware before L

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the url parameter to "general/status.html" and possibly other pages.

Recommendations For firmware before L, update the firmware to version L or later to resolve the issue. As a temporary workaround, consider restricting access to the "general/status.html" page and other potentially vulnerable pages until the firmware update is applied. Avoid using the url parameter in the affected API endpoint until the issue is resolved.