PT-2022-23978 · Ricoh · Aficio Sp 4210N
Hiroki Yasui
+4
·
Published
2022-12-07
·
Updated
2022-12-08
·
CVE-2022-37406
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Aficio SP 4210N firmware versions prior to Web Support 1.05
Description
A cross-site scripting issue allows a remote authenticated attacker with administrative privileges to inject an arbitrary script.
Recommendations
For Aficio SP 4210N firmware versions prior to Web Support 1.05, update to Web Support 1.05 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aficio Sp 4210N