Vulnerability Details CVE-2018-17314
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-17314
-
cpe:2.3:h:ricoh:mp_305+:-
-
cpe:2.3:o:ricoh:mp_305+_firmware:-