Description
HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://support.hp.com/us-en/document/c05541569
Scores
CVSS v3
6.1
EPSS
0.0040
EPSS Percentile
60.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (50)
hp/2a68a_firmware
< 2308214_000911
hp/2a69a_firmware
< 2308214_000911
hp/2a70a_firmware
< 2308214_000911
hp/2a71a_firmware
< 2308214_000911
hp/a2w75a_firmware
< 2308214_000928
hp/a2w76a_firmware
< 2308214_000928
hp/a2w77a_firmware
< 2308214_000930
hp/a2w78a_firmware
< 2308214_000930
hp/a2w79a_firmware
< 2308214_000930
hp/b3g85a_firmware
< 2308214_000912
... and 40 more
Published
Jan 23, 2018
Tracked Since
Feb 18, 2026