CVE-2021-42639

Sažetak

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.

Reference

https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
https://www.printerlogic.com/security-bulletin/
https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
http://printerlogic.com

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

08-02-2022 - 14:07

Objavljeno

02-02-2022 - 18:15