Vulnerabilities > Ricoh > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-26 CVE-2018-17313 Cross-site Scripting vulnerability in Ricoh MP C307 Firmware
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-26 CVE-2018-17312 Cross-site Scripting vulnerability in Ricoh Aficio MP 301Spf Firmware
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-26 CVE-2018-17311 Cross-site Scripting vulnerability in Ricoh MP C6503 Firmware
On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-26 CVE-2018-17310 Cross-site Scripting vulnerability in Ricoh MP C1803 JPN Firmware
On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-26 CVE-2018-17309 Cross-site Scripting vulnerability in Ricoh MP C406Zspf Firmware
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-21 CVE-2018-17002 Cross-site Scripting vulnerability in Ricoh MP 2001Sp Firmware
On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2018-09-21 CVE-2018-17001 Cross-site Scripting vulnerability in Ricoh SP 4510Sf Firmware
On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1