CVE-2024-48870 Information

Description

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user malicious script may be executed on the web browsers of other victim users.

Reference

https://jvn.jp/en/vu/JVNVU95063136/ https://www.toshibatec.com/information/20241025_01.html https://global.sharp/products/copier/info/info_security_2024-10.html