CVE-2019-11844: XSS
First published: Tue May 14 2019(Updated: )
An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ricoh SP 4520DN Firmware | ||
| Ricoh SP 4520DN Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-11844?
CVE-2019-11844 is an HTML Injection vulnerability discovered on the RICOH SP 4520DN printer.
How can this vulnerability be exploited?
This vulnerability can be exploited by injecting malicious HTML code into the entryNameIn or entryDisplayNameIn parameter of the /web/entry/en/address/adrsSetUserWizard.cgi page on the RICOH SP 4520DN printer.
What is the severity of CVE-2019-11844?
The severity of CVE-2019-11844 is medium with a CVSS score of 6.1.
How can I fix CVE-2019-11844?
To fix CVE-2019-11844, update the firmware of your RICOH SP 4520DN printer to the latest version available.
Where can I find more information about CVE-2019-11844?
You can find more information about CVE-2019-11844 at the following link: [RICOH SP 4520DN Printer HTML Injection](http://packetstormsecurity.com/files/152790/RICOH-SP-4520DN-Printer-HTML-Injection.html)
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ricoh
- canonical/ricoh sp 4520dn firmware