CVE Details
Basic Information
| Title | Konica Minolta bizhub Display MFP Information List cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-09T14:31:06.495Z |
| Last Seen |
Product Information
| Vendor | Konica Minolta |
|---|---|
| Product | bizhub |
| Version | 20250202 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting vulnerability was discovered in Konica Minolta bizhub, affecting versions up to 20250202. This vulnerability allows remote attackers to inject malicious scripts via the Model Name argument in the Display MFP Information List component. The issue has been publicly disclosed and could be exploited. |
|---|---|
| AI Severity | Medium |
| Vendor | Konica Minolta |
| Product | bizhub |
| Affected Version | 20250202 |
Affected Products
- Konica Minolta bizhub 20250202
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as problematic, was found in Konica Minolta bizhub up to 20250202. This affects an unknown part of the component Display MFP Information List. The manipulation of the argument Model Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.