CVE-2020-10093Cross-site Scripting in 6500e Firmware

CWE-79Cross-site Scripting3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.4%
top 42.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
80
Lexmark 6500e FirmwareLexmark C734 FirmwareLexmark C736 Firmware+77 more
Timeline
PublishedApr 28
Latest updateMay 24

Description

A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages80 packages

NVDlexmark/c734_firmwarelr.sk.p824
NVDlexmark/c736_firmwarelr.ske.p824
NVDlexmark/c746_firmwarelhs60.cm2.p737
NVDlexmark/c748_firmwarelhs60.cm4.p737
NVDlexmark/c792_firmwarelhs60.hc.p737

🔴Vulnerability Details

2
GHSA
GHSA-m6j4-75pv-6pwv: A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products2022-05-24
CVEList
CVE-2020-10093: A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products2020-04-28
CVE-2020-10093 — Cross-site Scripting in 6500e Firmware | cvebase