Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-ffp3-q8wm-h894

Опубликовано: 19 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 5.1
CVSS3: 6.1

Описание

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in the context of an authenticated user's browser session.

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in the context of an authenticated user's browser session.

Ссылки

EPSS

Процентиль: 3%
0.00015
Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

CVE-2019-25356

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2019-25356

CVSS3: 6.1
nvd
4 месяца назад

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in the context of an authenticated user's browser session.

EPSS

Процентиль: 3%
0.00015
Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

CVE-2019-25356

Дефекты

CWE-79