CVE-2012-3272

Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before 06.140.3 18, Color LaserJet CP4xxx with firmware before 07.120.6, Color LaserJet CP6015 with firmware before 04.160.3, LaserJet P3015 with firmware before 07.140.3, and LaserJet P4xxx with firmware before 04.170.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:hp:color_laserjet_cm3530:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_cm60xx:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_cp3525:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_cp4xxx:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_p3015:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_p4xxx:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:40

Type Values Removed Values Added
References () http://www.securitytracker.com/id?1027841 - () http://www.securitytracker.com/id?1027841 -
References () https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03556108 - Vendor Advisory () https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03556108 - Vendor Advisory

Information

Published : 2012-12-06 11:45

Updated : 2024-11-21 01:40


NVD link : CVE-2012-3272

Mitre link : CVE-2012-3272

CVE.ORG link : CVE-2012-3272


JSON object : View

Products Affected

hp

  • color_laserjet_cp4xxx
  • color_laserjet_cp3525
  • color_laserjet_cm60xx
  • laserjet_p4xxx
  • color_laserjet_cm3530
  • laserjet_p3015
  • color_laserjet_cp6015
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')