Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-09-26 CVE-2018-17316 Cross-site Scripting vulnerability in Ricoh MP C6003 Firmware
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17315 Cross-site Scripting vulnerability in Ricoh MP C2003Sp Firmware
On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17314 Cross-site Scripting vulnerability in Ricoh MP 305+ Firmware
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17313 Cross-site Scripting vulnerability in Ricoh MP C307 Firmware
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17312 Cross-site Scripting vulnerability in Ricoh Aficio MP 301Spf Firmware
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17311 Cross-site Scripting vulnerability in Ricoh MP C6503 Firmware
On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17310 Cross-site Scripting vulnerability in Ricoh MP C1803 JPN Firmware
On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17309 Cross-site Scripting vulnerability in Ricoh MP C406Zspf Firmware
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
6.1
2018-09-26 CVE-2018-17556 Cross-site Scripting vulnerability in Modx Revolution 2.6.5
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
network
low complexity
modx CWE-79
5.4
5.4
2018-09-26 CVE-2018-8846 Cross-site Scripting vulnerability in Philips E-Alert Firmware 2.1/R2.1
Philips e-Alert Unit (non-medical device), Version R2.1 and prior.
network
low complexity
philips CWE-79
6.1
6.1