A cross-site scripting vulnerability exists in version 2.8.1 of Caldera, a suite of software from the French company Caldera that provides color management, imaging and processing solutions for printer devices, which stems from a lack of effective filtering and escaping of user-submitted parameter data. An attacker could use this vulnerability to execute JavaScript code on the client side.