Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before 06.140.3 18, Color LaserJet CP4xxx with firmware before 07.120.6, Color LaserJet CP6015 with firmware before 04.160.3, LaserJet P3015 with firmware before 07.140.3, and LaserJet P4xxx with firmware before 04.170.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id?1027841 - | |
References | () https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03556108 - Vendor Advisory |
Information
Published : 2012-12-06 11:45
Updated : 2024-11-21 01:40
NVD link : CVE-2012-3272
Mitre link : CVE-2012-3272
CVE.ORG link : CVE-2012-3272
JSON object : View
Products Affected
hp
- color_laserjet_cp4xxx
- color_laserjet_cp3525
- color_laserjet_cm60xx
- laserjet_p4xxx
- color_laserjet_cm3530
- laserjet_p3015
- color_laserjet_cp6015
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')