vendor:
Printer Pro
by:
TaurusOmar
3.3
CVSS
LOW
Application-Side Input Validation
N/A
CWE
Product Name: Printer Pro
Affected Version From: 5.4.2003
Affected Version To: 5.4.2003
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: iOS
2015
Printer Pro 5.4.3 IOS – Cross Site Scripting
An application-side input validation vulnerability has been discovered in the official Printer Pro 5.4.3 iOS mobile application. The vulnerability allows a local attacker to inject own script code as payload to the application-side of the vulnerable service function or module. The vulnerability exists in the TextBox Name contacts in which injects the code is activated When the application is opened and the contact containing the script selects to print.
Mitigation:
Input validation and output encoding should be used to prevent malicious code injection.