Cross-Site Scripting Vulnerability in Xerox WorkCentre Series
CVE-2008-6436

Currently unrated

Key Information:

Vendor: Xerox
Status: Workcentre
Vendor: CVE Published:; 6 March 2009

Summary

The Web Server in Xerox WorkCentre devices, specifically models 7132, 7228, 7235, and 7245, is susceptible to a Cross-site Scripting (XSS) vulnerability. This flaw enables remote attackers to execute arbitrary web scripts or HTML on the affected devices via unspecified vectors, which could potentially lead to unauthorized access or manipulation of sensitive data.

References

http://secunia.com/advisories/30364

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/42595

vdb-entryx_refsource_XF

http://osvdb.org/45627

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 6, 2009
Vulnerability Reserved
Mar 6, 2009