CVE-2018-10326 Information

Description

PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration (2) description field in the print server configuration and (3) username field for authentication to print as guest.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Reference

https://github.com/bzyo/CVE-PoCs/tree/master/CVE-2018-10326

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4