PT-2018-17044 · Epson · Epson Iprint
Published
2018-02-08
·
Updated
2024-11-10
·
CVE-2018-5550
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Epson AirPrint versions prior to January 19, 2018
Description
The issue allows untrusted users on the network to hijack a session cookie or perform other reflected cross-site scripting (XSS) attacks on a currently logged-on user. This is due to a reflective XSS vulnerability.
Recommendations
For versions prior to January 19, 2018, update to a version released after January 19, 2018 to resolve the issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Epson Iprint