CVE-2018-11581
MEDIUMBrother HL-L2340D and HL-L2380DW Firmware < 1.16 - Cross-Site Scripting via URL Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2018-11581. PoCs published by Huy Kha.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Brother HL series printers via the 'url' parameter in 'loginerror.html'. The payload is injected into the URL and executed when the victim accesses the crafted link.
Description
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
Exploits (1)
This exploit demonstrates a reflected XSS vulnerability in Brother HL series printers via the 'url' parameter in 'loginerror.html'. The payload is injected into the URL and executed when the victim accesses the crafted link.
References (2)
Scores
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N