Vulnerabilities > Canon > OCE Colorwave 500 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-19 | CVE-2020-10670 | Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. | 6.1 |
| 2020-03-19 | CVE-2020-10668 | Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. | 6.1 |
| 2020-03-19 | CVE-2020-10667 | Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. | 6.1 |