{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000046.html",
  "dc:date": "2025-06-30T15:45+09:00",
  "dcterms:issued": "2025-06-30T15:45+09:00",
  "dcterms:modified": "2025-06-30T15:45+09:00",
  "description": "SLNX Help Documentation of RICOH Streamline NX provided by Ricoh Company, Ltd. contains a reflected cross-site scripting vulnerability.\r\n\r\n\u003cul\u003e\u003cli\u003eReflected cross-site scripting via a specific parameter (CWE-79) - CVE-2025-41439\u003c/li\u003e\u003c/ul\u003e\r\n\r\nMatteo Santini reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.",
  "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000046.html",
  "sec:cpe": {
    "#text": "cpe:/a:ricoh:streamline_nx",
    "@product": "Ricoh Streamline NX",
    "@vendor": "Ricoh Co., Ltd",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.1",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2025-000046",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN24333956/index.html",
      "@id": "JVN#24333956",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-41439",
      "@id": "CVE-2025-41439",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting"
}