CVE-2018-15530

Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code.
References
Link Resource
https://ysec.ch/?p=94 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:xerox:colorqube_8580_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:xerox:colorqube_8580:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-05-13 13:29

Updated : 2024-02-04 20:20


NVD link : CVE-2018-15530

Mitre link : CVE-2018-15530

CVE.ORG link : CVE-2018-15530


JSON object : View

Products Affected

xerox

  • colorqube_8580_firmware
  • colorqube_8580
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')