CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2020-25890
https://notcve.org/view.php?id=CVE-2020-25890
17 Nov 2020 — The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions La aplicación web de la impresora Kyocera (ECOSYS M2640IDW) está afectada por una vulnerabilidad de tipo XSS almacenado, descubría además un nuevo contacto en "Machine Address Book". U... • https://vitor-santos.medium.com/xss-in-kyocera-printer-ecosys-m2640idw-cf6d3bc525e3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •