CVE-2019-12315
MEDIUMSamsung SCX-824 Firmware - Reflected Cross-Site Scripting via Print from File Feature
Title source: llmDescription
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://gist.github.com/med0x2e/2715d32602ba688ea3bc239a3d5f8214
Scores
CVSS v3
6.1
EPSS
0.0029
EPSS Percentile
52.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
samsung/scx-824_firmware
Published
May 24, 2019
Tracked Since
Feb 18, 2026