An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
wing_ftp_server | eq | 6.4.4 |