N/A

An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application doesn't properly check parameters, sent in a /dvcset/sysset/set.cgi POST request via the arg01.Hostname field, before saving them on the server. In addition, the JavaScript malicious content is then reflected back to the end user and executed by the web browser.

N/A

N/A

Kyocera d-COLOR MF3555 跨站脚本漏洞

Kyocera d-COLOR MF3555是日本Kyocera公司的一款彩色多功能打印机。 Kyocera d-COLOR MF3555 存在跨站脚本漏洞。该漏洞源于在将参数保存到服务器之前，Web 应用程序未正确检查通过 arg01.Hostname 字段在 /dvcset/sysset/set.cgi POST 请求中发送的参数。

N/A

N/A