Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-10	CVE-2024-9672	Cross-site Scripting vulnerability in Papercut MF A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. network low complexity papercut CWE-79	5.4
2024-09-26	CVE-2024-8405	Command Injection vulnerability in Papercut NG An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. local low complexity papercut CWE-77	5.5
2024-03-14	CVE-2024-1883	Cross-site Scripting vulnerability in Papercut MF This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. network low complexity papercut CWE-79	6.1
2024-03-14	CVE-2024-1884	Server-Side Request Forgery (SSRF) vulnerability in Papercut MF This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. network low complexity papercut CWE-918	6.5
2024-03-14	CVE-2024-1223	Unspecified vulnerability in Papercut MF This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. network high complexity papercut	4.8
2023-11-14	CVE-2023-6006	Unspecified vulnerability in Papercut MF This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. local low complexity papercut	6.7
2023-10-19	CVE-2023-31046	Path Traversal vulnerability in Papercut MF A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. network low complexity papercut CWE-22	6.5