Unrated severityNVD Advisory· Published Sep 20, 2023· Updated Sep 24, 2024
CSRF in PaperCutNG Mobility Print leads to sophisticated phishing
CVE-2023-2508
Description
The PaperCutNG Mobility Print version 1.0.3512 application allows an
unauthenticated attacker to perform a CSRF attack on an instance
administrator to configure the clients host (in the "configure printer
discovery" section). This is possible because the application has no
protections against CSRF attacks, like Anti-CSRF tokens, header origin
validation, samesite cookies, etc.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 1.0.3512
- PaperCut MF/NG/Mobility Printv5Range: 1.0.3512
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.