CVE-2026-56809 | Multiple laser printers and MFPs (multifunction printers) wh… | CVSS 5.1 MEDIUM

Description

Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.

Metadata

CVE ID: CVE-2026-56809
State: PUBLISHED
Assigner: jpcert
Reserved: 2026-06-23 06:40 UTC
Published: 2026-06-30 06:02 UTC
Last updated: 2026-06-30 06:02 UTC
Primary CWE: CWE-79
Cross-site scripting (XSS)
Vendor / Product: Ricoh Company, Ltd. / Multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Sources: cve.org · NVD

Severity & Metrics

5.1 MEDIUM CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Affected products (1)

Vendor	Product	Platform	Versions
Ricoh Company, Ltd.	Multiple laser printers and MFPs which implement Ricoh Web Image Monitor	—	see the information provided by the vendor

Weakness (CWE)

CWE	Source	Description
CWE-79	cna	Cross-site scripting (XSS)

CVSS scores (2)

Score	Severity	Version	Source	Vector
6.1	MEDIUM	3.0	cna	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5.1	MEDIUM	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

References (3)