cvedb.io
CVE-2024-48870
MEDIUM · CVSS 6.2
EPSS exploitation probability: 0%
Published 2024-10-25T07:15:04.853 · Last modified 2026-06-17T07:58:55.930

Summary

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.

Affected products

toshibatec — e-studio1058_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when toshibatec ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.