CVE-2025-27668

CRITICAL

Vasion Print <22.0.843 - XSS

Title source: llm

Description

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Arbitrary Content Inclusion via Iframe OVE-20230524-0012.

References (1)

[Vendor Advisory] https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm

Scores

CVSS v3 9.8

EPSS 0.0048

EPSS Percentile 65.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-829

Status published

Products (2)

printerlogic/vasion_print < 20.0.1923

printerlogic/virtual_appliance < 22.0.843

Published Mar 05, 2025

Tracked Since Feb 18, 2026