ГлавнаяУязвимости → CVE-2024-47801
7.4высокая

CVE-2024-47801

Описание

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

Затрагиваемое ПО
Toshibatec E-studio1058 firmwareToshibatec E-studio1058Toshibatec E-studio1208 firmwareToshibatec E-studio1208Toshibatec E-studio908 firmwareToshibatec E-studio908Sharp Bp-90c70 firmwareSharp Bp-90c70Sharp Bp-90c80 firmwareSharp Bp-90c80Sharp Bp-70c65 firmwareSharp Bp-70c65Sharp Bp-70c55 firmwareSharp Bp-70c55Sharp Bp-70c45 firmwareSharp Bp-70c45Sharp Bp-70c36 firmwareSharp Bp-70c36Sharp Bp-70c31 firmwareSharp Bp-70c31Sharp Bp-60c45 firmwareSharp Bp-60c45Sharp Bp-60c36 firmwareSharp Bp-60c36Sharp Bp-60c31 firmware
CVSS
Балл7.4 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Источники
https://global.sharp/products/copier/info/info_security_2024-10.htmlhttps://jvn.jp/en/vu/JVNVU95063136/https://www.toshibatec.com/information/20241025_01.html