CVE-2018-5550

Summary

Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.

Affected Software

VendorProductVersion RangeStatus
EpsonEpson AirPrintn/aaffected

Weaknesses

  • CWE-79: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

ADP Enrichment

CVE Program Container

Additional References

References