Unrated severityNVD Advisory· Published Feb 4, 2014· Updated Apr 29, 2026

CVE-2013-6033

Description

Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allow remote authenticated users to inject arbitrary web script or HTML by using (1) SNMP or (2) the Embedded Web Server (EWS) to set the (a) Contact or (b) Location field.

Affected products

Lexmark/C52x
cpe:2.3:h:lexmark:c52x:*:*:*:*:*:*:*:*
Range: <=ls.fa.p150
Lexmark/C53x
cpe:2.3:h:lexmark:c53x:*:*:*:*:*:*:*:*
Range: <=ls.sw.p069
Lexmark/C920
cpe:2.3:h:lexmark:c920:*:*:*:*:*:*:*:*
Range: <=ls.ta.p152
Lexmark/C935dn
cpe:2.3:h:lexmark:c935dn:*:*:*:*:*:*:*:*
Range: <=lc.jo.p091
Lexmark/E250
cpe:2.3:h:lexmark:e250:*:*:*:*:*:*:*:*
Range: <=le.pm.p126
Lexmark/E350
cpe:2.3:h:lexmark:e350:*:*:*:*:*:*:*:*
Range: <=le.ph.p129
Lexmark/E450
cpe:2.3:h:lexmark:e450:*:*:*:*:*:*:*:*
Range: <=lm.sz.p124
Lexmark/T64x
cpe:2.3:h:lexmark:t64x:*:*:*:*:*:*:*:*
Range: <=ls.st.p343
Lexmark/W840
cpe:2.3:h:lexmark:w840:*:*:*:*:*:*:*:*
Range: <=ls.ha.p252

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.lexmark.com/indexnvdVendor Advisory
www.kb.cert.org/vuls/id/108062nvdUS Government Resource
www.osvdb.org/102752nvd
www.securityfocus.com/bid/65277nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000