VYPR
Unrated severityNVD Advisory· Published Dec 10, 2006· Updated Jun 16, 2026

CVE-2006-6436

CVE-2006-6436

Description

Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages.

Affected products

13
  • cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:*
  • cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:*
  • cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:*
  • cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:*
  • Xerox/Workcentre3 versions
    cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*
    • cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:*
    • (no CPE)range: <14.050.03.000

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.