CVE-2022-37406

Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.

Date published : 2022-12-06

https://jvn.jp/en/jp/JVN24659622/index.html

https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm