Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN24659622/index.html | Third Party Advisory |
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm | Product Vendor Advisory |
https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2022-12-07T00:00:00
Updated: 2022-12-07T00:00:00
Reserved: 2022-11-14T00:00:00
Link: CVE-2022-37406
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-07T04:15:10.203
Modified: 2022-12-08T20:11:29.410
Link: CVE-2022-37406
JSON object: View
Redhat Information
No data.
CWE