Cross site scripting

2019-10-2118:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.5%

JSON

On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

References

medium.com/zero2flag/cve-2019-18203-bfa65918e591