2 matches found
CVE-2023-40047
In WSFTP Server version prior to 8.8.2, a stored cross-site scripting XSS vulnerability exists in WSFTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site...
CVE-2023-40047
WS_FTP Server versions prior to 8.8.2 are affected by a stored XSS in the Management module. An administrator could import an SSL certificate with malicious attributes that stores an XSS payload, enabling execution of JavaScript in the admin’s browser. Remediation per vendor guidance is to update...