HPSBPI02828 SSRT100778 rev.2 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)

2012-10-31T00:00:00
ID HP:C03556108
Type hp
Reporter HP Product Security Response Team
Modified 2017-07-17T00:00:00

Description

Potential Security Impact

Cross-site scripting (XSS)

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with certain HP LaserJet and Color LaserJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS).

RESOLUTION

HP has provided firmware updates for impacted printers as set forth in the table below. To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software.

Product Number

|

Firmware Version

---|---

HP Color LaserJet CM3530

|

Update to version 53.190.9
21 Aug 2012 or later

HP Color LaserJet CM6030

|

Update to version 52.210.9
21 Aug 2012 or later

HP Color LaserJet CM6040

|

Update to version 52.210.9
21 Aug 2012 or later

HP Color LaserJet CP3525

|

Update to version 06.140.3 18
18 Jul 2012 or later

HP Color LaserJet CP4025

|

Update to version 07.120.6
21 Aug 2012 or later

HP Color LaserJet CP4525

|

Update to version 07.120.6
21 Aug 2012 or later

HP Color LaserJet CP6015

|

Update to version 04.160.3
18 Jul 2012 or later

HP LaserJet P3015

|

Update to version 07.140.3
18 Jul 2012 or later

HP LaserJet P4014

|

Update to version 04.170.3
18 Jul 2012 or later

HP LaserJet P4015

|

Update to version 04.170.3
18 Jul 2012 or later

HP LaserJet P4515

|

Update to version 04.170.3
18 Jul 2012 or later