Sharp MFPs vulnerable to cross-site scripting attack
CVE-2024-48870
4.8MEDIUM
Key Information:
- Vendor
Toshiba
- Vendor
- CVE Published:
- 25 October 2024
What is CVE-2024-48870?
Sharp and Toshiba Tec multi-function printers exhibit a vulnerability related to improper input data validation during URI data registration. This flaw allows an attacker, via crafted input, to store malicious scripts that may be executed in the web browsers of users accessing the affected system. If administrative users inadvertently store such input, it can lead to significant security risks for organizations, compromising user safety and exposing sensitive information.
Affected Version(s)
e-STUDIO 1058 T1.01.h4.00 and earlier versions
e-STUDIO 1208 T1.01.h4.00 and earlier versions
e-STUDIO 908 T2.12.h3.00 and earlier versions