Cross-Site Scripting Vulnerability in Lexmark Products
CVE-2020-13481

6.1MEDIUM

Key Information:

Vendor: Lexmark
Status: Lexmark Printers and Multifunction Devices
Vendor: CVE Published:; 19 February 2025

What is CVE-2020-13481?

A security vulnerability present in certain Lexmark products allows attackers to exploit cross-site scripting (XSS) weaknesses. This enables unauthorized access to sensitive information, such as session credentials, potentially compromising the security of users' accounts and devices. Users of impacted Lexmark printers and multifunction devices are advised to implement recommended security measures to mitigate the risk.

References

http://support.lexmark.com/alerts/

https://publications.lexmark.com/publications/security-al...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2025
Vulnerability Reserved
May 25, 2020