Security Announcement
Cross-Site Scripting (XSS) Vulnerability in Embedded Web Server on MFPs/Printers
Dear Customers,
The vulnerability was found in the Embedded Web Server* installed in below MFPs and Printers.
*Note: Embedded Web Server refers to the web home page that is installed in the MFP/Printer from which you can verify the operating status of the machine and make settings related to security, network printing, e-mail transmission and advanced networking.
A malicious attacker could cause arbitrary scripting code to be executed on the clientside web browser while the user is accessing the Embedded Web Server.
To avoid such an effect, please do not access other web sites when accessing the Embedded Web Server.
The vulnerability was found in the Embedded Web Server* installed in below MFPs and Printers.
*Note: Embedded Web Server refers to the web home page that is installed in the MFP/Printer from which you can verify the operating status of the machine and make settings related to security, network printing, e-mail transmission and advanced networking.
A malicious attacker could cause arbitrary scripting code to be executed on the clientside web browser while the user is accessing the Embedded Web Server.
To avoid such an effect, please do not access other web sites when accessing the Embedded Web Server.
Products
- CD 5240 / DC 6240 / CD 5140 / DC 6140
- CD5030 / DC6030 / CD 5025 / DC6025 / CD 5025P / DC 6025P
- CDC 5526 / DCC 6526 / CDC 5626 / DCC 6626
- CDC 5526L / DCC 6526L / CDC 5626L / DCC 6626L
- CDC 1626 / DCC 2626 / CDC 1726 / DCC 2726
- 260ci
- CDC 5525 / DCC 6525 / CDC 5520 / DCC 6520
- CLP 3726 / CLP 4726 / CLP 3721 / CLP 4721
For more information, please contact your local dealer.