Search
Find a vulnerability
Search criteria
2 vulnerabilities found for ecosys_m2640idw_firmware by kyocera
CVE-2020-25890 (GCVE-0-2020-25890)
Vulnerability from nvd – Published: 2020-11-17 20:05 – Updated: 2024-08-04 15:49
VLAI
EPSS
VEX
Summary
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vitor-santos.medium.com/xss-in-kyocera-pr… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:06.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in \"Machine Address Book\". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-17T20:05:23.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-25890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in \"Machine Address Book\". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3",
"refsource": "MISC",
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-25890",
"datePublished": "2020-11-17T20:05:23.000Z",
"dateReserved": "2020-09-24T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:49:06.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25890 (GCVE-0-2020-25890)
Vulnerability from cvelistv5 – Published: 2020-11-17 20:05 – Updated: 2024-08-04 15:49
VLAI
EPSS
VEX
Summary
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vitor-santos.medium.com/xss-in-kyocera-pr… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:06.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in \"Machine Address Book\". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-17T20:05:23.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-25890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in \"Machine Address Book\". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3",
"refsource": "MISC",
"url": "https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-25890",
"datePublished": "2020-11-17T20:05:23.000Z",
"dateReserved": "2020-09-24T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:49:06.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}