CVE-2019-18914

Description

A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link.

Affected Software
References

Software	From	Fixed in
hp / futuresmart_4	-	2410028_055002
hp / futuresmart_4	-	2410028_055003
hp / futuresmart_4	-	2410028_055004
hp / futuresmart_4	-	2410028_055005
hp / futuresmart_4	-	2410028_055006
hp / futuresmart_4	-	2410028_055007
hp / futuresmart_4	-	2410028_055008
hp / futuresmart_4	-	2410028_055009
hp / futuresmart_4	-	2410028_055010
hp / futuresmart_4	-	2410028_055011
hp / futuresmart_4	-	2410028_055012
hp / futuresmart_4	-	2410028_055013
hp / futuresmart_4	-	2410028_055014
hp / futuresmart_4	-	2410028_055015
hp / futuresmart_4	-	2410028_055016
hp / futuresmart_4	-	2410028_055017
hp / futuresmart_4	-	2410028_055018
hp / futuresmart_4	-	2410028_055019
hp / futuresmart_4	-	2410028_055020
hp / futuresmart_4	-	2410028_055021
hp / futuresmart_4	-	2410028_055022
hp / futuresmart_4	-	2410028_055023
hp / futuresmart_4	-	2410028_055024
hp / futuresmart_4	-	2410028_055025
hp / futuresmart_4	-	2410028_055026
hp / futuresmart_4	-	2410028_055027
hp / futuresmart_4	-	2410028_055028
hp / futuresmart_4	-	2410028_055029
hp / futuresmart_4	-	2410028_055030
hp / futuresmart_4	-	2410028_055031
hp / futuresmart_4	-	2410028_055032
hp / futuresmart_4	-	2410028_055033
hp / futuresmart_4	-	2410028_055034
hp / futuresmart_4	-	2410028_055035
hp / futuresmart_4	-	2410028_055036
hp / futuresmart_4	-	2410028_055037
hp / futuresmart_4	-	2410028_055038
hp / futuresmart_4	-	2410028_055039
hp / futuresmart_4	-	2410028_055040
hp / futuresmart_4	-	2410028_055041
hp / futuresmart_3	-	2309025_582081
hp / futuresmart_3	-	2309025_582082
hp / futuresmart_3	-	2309025_582083
hp / futuresmart_3	-	2309025_582084
hp / futuresmart_3	-	2309025_582085
hp / futuresmart_3	-	2309025_582086
hp / futuresmart_3	-	2309025_582087
hp / futuresmart_3	-	2309025_582088
hp / futuresmart_3	-	2309025_582089
hp / futuresmart_3	-	2309025_582091
hp / futuresmart_3	-	2309025_582092
hp / futuresmart_3	-	2309025_582093
hp / futuresmart_3	-	2309025_582096
hp / futuresmart_3	-	2309025_582097
hp / futuresmart_3	-	2309025_582098
hp / futuresmart_3	-	2309025_582099
hp / futuresmart_3	-	2309025_582101
hp / futuresmart_3	-	2309025_582102
hp / futuresmart_3	-	2309025_582103
hp / futuresmart_3	-	2309025_582104
hp / futuresmart_3	-	2309025_582105
hp / futuresmart_3	-	2309025_582106
hp / futuresmart_3	-	2309025_582108
hp / futuresmart_3	-	2309025_582110
hp / futuresmart_3	-	2309025_582112
hp / futuresmart_3	-	2309025_582113
hp / futuresmart_3	-	2309025_582114

https://support.hp.com/us-en/document/c06546034

Severity: Medium

CVE: CVE-2019-18914
Published: Nov 9, 2021
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79

A7 - Cross-Site Scripting (XSS)

CVE-2019-18914

Description

Details

CVSS v3

CVSS v2

CWEs

OWASP TOP 10