CVE-2018-12111: XSS
First published: Mon Jun 11 2018(Updated: )
Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Canon Efi Printme |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2018-12111.
What is the severity of CVE-2018-12111?
The severity of CVE-2018-12111 is medium (6.1).
How does the Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface work?
The vulnerability allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.
What is the affected software for CVE-2018-12111?
The affected software for CVE-2018-12111 is Canon Efi Printme.
How can I mitigate the Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface?
To mitigate the vulnerability, it is recommended to update the Canon PrintMe EFI webinterface to the latest version provided by the vendor.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/canon
- canonical/canon efi printme