CVE-2024-48870

Publication date

2024-10-25 06:18:57

Family

jpcert

State

PUBLISHED

Description

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.