CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17167

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Machine Host Name" or "Server Serial Number" field in the clustering configuration, (2) "name" field in the Edit Group configuration, (3) "Rule Name" field in the Access Control configuration, (4) "Service Name" in the Service Configuration, or (5) First Name or Last Name field in the Edit Account configuration.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17167-XSS-PrinterON
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17167-XSS-PrinterON

Products affected by CVE-2018-17167

Printeron » Printeron » Version: 4.1.4

cpe:2.3:a:printeron:printeron:4.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17167

Products

Pricing

Contact Us