Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application doesn't properly check parameters, sent in a /dvcset/sysset/set.cgi POST request via the arg01.Hostname field, before saving them on the server. In addition, the JavaScript malicious content is then reflected back to the end user and executed by the web browser.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kyocera d-COLOR MF3555 跨站脚本漏洞
Vulnerability Description
Kyocera d-COLOR MF3555是日本Kyocera公司的一款彩色多功能打印机。 Kyocera d-COLOR MF3555 存在跨站脚本漏洞。该漏洞源于在将参数保存到服务器之前,Web 应用程序未正确检查通过 arg01.Hostname 字段在 /dvcset/sysset/set.cgi POST 请求中发送的参数。
CVSS Information
N/A
Vulnerability Type
N/A