Vulnerabilities > Papercut > Papercut MF > 21.2.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-9672 | Cross-site Scripting vulnerability in Papercut MF A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. | 5.4 |
| 2024-05-14 | CVE-2024-4712 | Unspecified vulnerability in Papercut MF An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. | 7.8 |
| 2024-05-14 | CVE-2024-3037 | Files or Directories Accessible to External Parties vulnerability in Papercut MF An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. | 7.8 |
| 2024-05-03 | CVE-2023-39469 | Code Injection vulnerability in Papercut MF PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. | 7.2 |