CVE-2018-15530

Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code.
Source: NIST
CVE-2018-15530