CVE-2018-17312: XSS
First published: Wed Sep 26 2018(Updated: )
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ricoh Aficio MP 301SPF Firmware | ||
| Ricoh Aficio MP 301SPF Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this RICOH Aficio MP 301 printer vulnerability?
The vulnerability ID for this RICOH Aficio MP 301 printer vulnerability is CVE-2018-17312.
What are the affected software versions of this vulnerability?
The affected software version is Ricoh Aficio Mp 301spf Firmware.
What is the severity level of this vulnerability?
The severity level of this vulnerability is medium with a CVSS score of 6.1.
What is the Common Weakness Enumeration (CWE) ID associated with this vulnerability?
The CWE ID associated with this vulnerability is CWE-79.
Is there a fix available for this vulnerability?
Yes, it is recommended to update the firmware to the latest version provided by Ricoh.
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ricoh
- canonical/ricoh aficio mp 301spf firmware