Vulnerability Details CVE-2020-26162
Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://securitydocs.business.xerox.com
- https://securitydocs.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19Y_for_WorkCentre-EC7836-EC7856.pdf
- https://securitydocs.business.xerox.com
- https://securitydocs.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19Y_for_WorkCentre-EC7836-EC7856.pdf
Products affected by CVE-2020-26162
-
cpe:2.3:h:xerox:workcentre_ec7836:-
-
cpe:2.3:h:xerox:workcentre_ec7856:-
-
cpe:2.3:o:xerox:workcentre_ec7836_firmware:-
-
cpe:2.3:o:xerox:workcentre_ec7836_firmware:073.050.000.02300
-
cpe:2.3:o:xerox:workcentre_ec7836_firmware:073.050.048.15000
-
cpe:2.3:o:xerox:workcentre_ec7856_firmware:-
-
cpe:2.3:o:xerox:workcentre_ec7856_firmware:073.020.000.02300
-
cpe:2.3:o:xerox:workcentre_ec7856_firmware:073.020.048.15000