12 matches found
iboss Secure Web Gateway - Stored Cross-Site Scripting
A cross-site scripting vulnerability has been found in iboss Secure Web Gateway up to version 10.1. The vulnerability affects the /login file of the Login Portal component, where manipulation of the redirectUrl parameter leads to cross-site scripting. The attack can be launched remotely and the...
EUVD-2024-31967
Malicious code in bioql PyPI...
CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
VulnCheck KEV: CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The...
iboss Secure Web Gateway Cross Site Scripting
Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...
iboss Secure Web Gateway - Stored Cross-Site Scripting Vulnerability
Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with inserted payload: PO...
iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)
Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...
CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378 iboss Secure Web Gateway Login Portal login cross site scripting
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378
Affected product/versions: iboss Secure Web Gateway up to 10.1. The issue resides in the Login Portal’s /login path, where manipulating the redirectUrl parameter can trigger a cross-site scripting (XSS) vulnerability. Root cause: improper handling of redirectUrl within the login flow. Impact: rem...
iboss Secure Web Gateway 跨站脚本漏洞
iboss Secure Web Gateway is a web security solution from iboss designed to help organizations protect their networks from cyber threats and malicious activity. A cross-site scripting vulnerability exists in iboss Secure Web Gateway version 10.1 and earlier, which stems from a cross-site scripting...