**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References
Link | Resource |
---|---|
https://github.com/swzhouu/CVE-2022-48311 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
14 Feb 2023, 19:28
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:hp:deskjet_2540_a9u23b_firmware:cep1fn1418br:*:*:*:*:*:*:* cpe:2.3:h:hp:deskjet_2540_a9u23b:-:*:*:*:*:*:*:* |
|
References | (MISC) https://github.com/swzhouu/CVE-2022-48311 - Exploit, Third Party Advisory | |
First Time |
Hp deskjet 2540 A9u23b Firmware
Hp Hp deskjet 2540 A9u23b |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.0 |
CWE | CWE-79 |
06 Feb 2023, 21:39
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-06 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-48311
Mitre link : CVE-2022-48311
CVE.ORG link : CVE-2022-48311
JSON object : View
Products Affected
hp
- deskjet_2540_a9u23b
- deskjet_2540_a9u23b_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')