CVE-2022-48311: XSS
First published: Mon Feb 06 2023(Updated: )
**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP Deskjet 2540 | =cep1fn1418br | |
| HP Deskjet 2540 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-48311?
CVE-2022-48311 is classified as a Cross Site Scripting (XSS) vulnerability affecting HP Deskjet 2540 series printer firmware.
How do I fix CVE-2022-48311?
To mitigate CVE-2022-48311, update the HP Deskjet 2540 printer firmware to a newer version that addresses this vulnerability.
Who is affected by CVE-2022-48311?
CVE-2022-48311 affects users of the HP Deskjet 2540 series printer running firmware version CEP1FN1418BR.
What kind of attack can be executed through CVE-2022-48311?
An authenticated attacker can exploit CVE-2022-48311 to inject malicious scripts into the printer's HTTP configuration page.
Is CVE-2022-48311 a remote or local vulnerability?
CVE-2022-48311 is a local vulnerability that requires authenticated access to exploit.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/hp
- canonical/hp deskjet 2540
- version/hp deskjet 2540/cep1fn1418br