| Summary | An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW printer interface. For example, an attack could deliver a worrisome printout to an end user. |
|---|---|
| Publication Date | Nov. 8, 2024, 6:15 a.m. |
| Registration Date | Nov. 8, 2024, noon |
| Last Update | Nov. 9, 2024, 2:35 a.m. |