Cross-Site Scripting Vulnerability in HP Color LaserJet Printers
CVE-2012-3272

Currently unrated

Key Information:

Vendor: HP
Status: Laserjet P4xxx; Color Laserjet Cm60xx; Color Laserjet Cp3525; Color Laserjet Cm3530
Vendor: CVE Published:; 6 December 2012

Summary

This vulnerability allows remote attackers to exploit affected HP Color LaserJet printers by injecting arbitrary web scripts or HTML through unspecified vectors. Printers with older firmware versions are particularly at risk, exposing users to potential information leakage or setup manipulation due to inadequate validation of user-supplied input.

References

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1027841

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 6, 2012
Vulnerability Reserved
Jun 6, 2012