Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.
[
{
"product": "Epson AirPrint",
"vendor": "Epson",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]