Printeron: >> Printeron >> 4.1.3 Security Vulnerabilities
An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
CVSS Score
7.7
EPSS Score
0.005
Published
2019-04-23
PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-05-17
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file.
CVSS Score
7.0
EPSS Score
0.001
Published
2018-05-17