CVE-2018-10326

MEDIUM

PrinterOn Enterprise 4.1.3 - Authenticated XSS

Title source: llm

Description

PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest.

References (1)

[Exploit, Third Party Advisory] https://github.com/bzyo/CVE-PoCs/tree/master/CVE-2018-10326

View Exploit ZIP pw:eip

Scores

CVSS v3 5.4

EPSS 0.0031

EPSS Percentile 53.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (1)

printeron/printeron

Timeline

Published May 17, 2018

Tracked Since Feb 18, 2026