Vulnerabilities > CVE-2005-2202 - Cross-Site Scripting vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 6 |
Nessus
NASL family | Misc. |
NASL id | XEROX_XRX05_006.NASL |
description | According to its model number and software version, the remote host is a Xerox WorkCentre device with an embedded web server that suffers from multiple flaws, including authentication bypass, denial of service, unauthorized file access, and cross-site scripting. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18642 |
published | 2005-07-08 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18642 |
title | Xerox WorkCentre Multiple Vulnerabilities (XRX05-006) |