Cross-Site Scripting in Xerox WorkCentre Pro and MicroServer Web Server
CVE-2006-0827

Currently unrated

Key Information:

Vendor: Xerox
Status: Workcentre 255; Workcentre 245; Workcentre 238; Workcentre 232
Vendor: CVE Published:; 21 February 2006

Summary

A cross-site scripting vulnerability exists in the ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre Pro devices. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML, potentially leading to unauthorized actions on behalf of users or exposure of sensitive information. The issue affects specific software versions, making it imperative for users to update their systems to mitigate risks.

References

http://www.vupen.com/english/advisories/2006/0668

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/18952

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/24806

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 21, 2006
Vulnerability Reserved
Feb 21, 2006