Multiple Authenticated Stored XSS Vulnerabilities in PrinterOn Enterprise 4.1.4

Multiple Authenticated Stored XSS Vulnerabilities in PrinterOn Enterprise 4.1.4

CVE-2018-17167 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Machine Host Name" or "Server Serial Number" field in the clustering configuration, (2) "name" field in the Edit Group configuration, (3) "Rule Name" field in the Access Control configuration, (4) "Service Name" in the Service Configuration, or (5) First Name or Last Name field in the Edit Account configuration.

Learn more about our Cis Benchmark Audit For Server Software.