CVE Vulnerabilities

CVE-2006-6436

Published: Dec 10, 2006 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages.

Affected Software

Name Vendor Start Version End Version
Workcentre_232 Xerox * *
Workcentre_238 Xerox * *
Workcentre_245 Xerox * *
Workcentre_255 Xerox * *
Workcentre_265 Xerox * *
Workcentre_275 Xerox * *

References