exploitDog

GHSA-7r72-cjgv-xhq6

Опубликовано: 25 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.2

Описание

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.

Ссылки

EPSS

Процентиль: 56%

0.00344

Низкий

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-48870

CVSS3: 6.2

nvd

больше 1 года назад

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.

EPSS

Процентиль: 56%

0.00344

Низкий

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-79