HP LaserJet Pro Devices Vulnerable to XSS Attack via Web Management Interface
CVE-2024-2301
7.6HIGH
What is CVE-2024-2301?
Certain HP LaserJet Pro devices are at risk of Cross-Site Scripting (XSS) attacks through their web management interfaces. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by users. An unauthenticated attacker could exploit this issue, potentially leading to unauthorized actions being performed on behalf of unsuspecting users. It is crucial for administrators to ensure their devices are updated and appropriately secured to mitigate this risk.
Affected Version(s)
Certain HP LaserJet Pro Devices See HP Security Bulletin reference for affected versions.