Vulnerability Details CVE-2020-25890
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-25890
-
cpe:2.3:h:kyocera:ecosys_m2640idw:-
-
cpe:2.3:o:kyocera:ecosys_m2640idw_firmware:-