- Description
- Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor. If exploited, an arbitrary script may be executed on the web browser of the user who accessed Web Image Monitor. As for the details of affected product names and versions, refer to the information provided by the vendor under [References].
- Source
- vultures@jpcert.or.jp
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- vultures@jpcert.or.jp
- CWE-79
- Hype score
- Not currently trending
CVE-2025-41393 Reflected Cross-Site Scripting Vulnerability in Ricoh Web Image Monitor https://t.co/qufyKb9iTK
@VulmonFeeds
12 May 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
CVE-2025-41393 Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor. If exploited, an … https://t.co/Pcyt8h4uEv
@CVEnew
12 May 2025
455 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes