Home
News & Events
News
Notice on potential impact of "Cross-Site Scripting (XSS) Vulnerability in SLNX Help Documentation via specific Parameter" (CVE-2025-41439) towards RICOH Streamline NX V3
07.07.2025

Notice on potential impact of "Cross-Site Scripting (XSS) Vulnerability in SLNX Help Documentation via specific Parameter" (CVE-2025-41439) towards RICOH Streamline NX V3

First published: 05:00 am on June 30, 2025 (2025-06-30T13:00:00+09:00)

Ricoh Company, Ltd.

Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.

Ricoh is aware of the reported "Cross-Site Scripting (XSS) Vulnerability in SLNX Help Documentation via specific Parameter" (CVE-2025-41439) affects RICOH Streamline NX V3.

Ricoh offers measures detailed below.

https://jvn.jp/en/jp/JVN24333956/index.html

empty

Advisory ID:

ricoh-prod000077-2025-000008

Version:

1.00E

CVE ID (CWE ID):

CVE-2025-41439 (CWE-79 )

CVSSv3 base score:

6.1MEDIUM

Potential impact

For more information on the impact of this vulnerability being exploited, please refer to the following URL.

https://jvn.jp/en/jp/JVN24333956/index.html

empty

Affected components and versions

Product/service

Link to details

RICOH Streamline NX V3

SLNX Administrative Tool


Streamline NX version can be confirmed with the following procedure:

1. Login in to Administrators console.

2. Navigate to [System] → [Server Settings] → [System Information and Settings].

3. In the "System Information" section, check the value of "System Version".

Resolution

Applying a security patch V3.7.2.1 will resolve this issue. Also, the functionality that caused the issue has been removed as of version 3.231.0 (=23R1), and upgrading to this version or later will prevent the problem from occurring.

________________________________________

Contact:

Please contact your local Ricoh representative or dealer if you have any queries.

History :2025-06-30T13:00:00+09:00 : 1.00E Initial public release

| About Ricoh |

Ricoh is a leading provider of integrated digital services and print and imaging solutions designed to support digital transformation of workplaces, workspaces and optimise business performance.

Headquartered in Tokyo, Ricoh’s global operation reaches customers in approximately 200 countries and regions, supported by cultivated knowledge, technologies, and organisational capabilities nurtured over its 85-year history. In the financial year ended March 2025, Ricoh Group had worldwide sales of 2,527 billion yen (approx. 16.8 billion USD).

It is Ricoh’s mission and vision to empower individuals to find Fulfillment through Work by understanding and transforming how people work so we can unleash their potential and creativity to realise a sustainable future. 

For further information, please visit www.ricoh.com