PT-2026-7924 · Ricoh · Ricoh Web Image Monitor
Ismail Tasdelen
·
Published
2026-02-12
·
Updated
2026-02-12
·
CVE-2019-25324
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
RICOH Web Image Monitor version 1.09
Description
RICOH Web Image Monitor 1.09 contains an HTML injection issue in the address configuration CGI script. This allows attackers to inject malicious HTML code by exploiting the
entryNameIn and entryDisplayNameIn parameters. Successful exploitation could lead to cross-site scripting attacks. The vulnerable parameters allow the insertion of arbitrary HTML content.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ricoh Web Image Monitor