CUPS < 1.7.2 Reflected Cross-Site Scripting Vulnerability

Low

Synopsis

The remote host running a program that is vulnerable to reflected cross site scripting attacks (XSS).

Description

CUPS is a *nix-based network printing program. Versions of CUPS from 1.6.0 to 1.7.1 allow a reflected cross-site scripting (XSS) attack due to lack of input validation when returning requested resources to the user.

Solution

Upgrade to CUPS 1.7.2 or later.