2023-09-01 00:00:00
mitre
PUBLISHED
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., * indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.