PT-2024-26931 · Toshiba Tec+1 · Toshiba Mfps+1
Damien Bolus
+1
·
Published
2024-11-26
·
Updated
2024-12-01
·
CVE-2024-36249
CVSS v3.1
7.4
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Sharp Corporation MFPs (affected versions not specified)
Toshiba Tech Corporation MFPs (affected versions not specified)
Description
A cross-site scripting issue exists in multiple MFPs from Sharp Corporation and Toshiba Tech Corporation. This could allow an arbitrary script to be executed on the administrative page of the affected devices if exploited.
Recommendations
For Sharp Corporation MFPs, refer to the vendor's provided information for specific guidance on resolving the issue.
For Toshiba Tech Corporation MFPs, refer to the vendor's provided information for specific guidance on resolving the issue.
As a temporary workaround, consider restricting access to the administrative page of the affected MFPs until a fix is available.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sharp Mfps
Toshiba Mfps