4 matches found
CVE-2024-3378
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378 iboss Secure Web Gateway Login Portal login cross site scripting
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378 iboss Secure Web Gateway Login Portal login cross site scripting
A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login of the component Login Portal. The manipulation of the argument redirectUrl leads to cross site scripting. The attack...
CVE-2024-3378
Affected product/versions: iboss Secure Web Gateway up to 10.1. The issue resides in the Login Portal’s /login path, where manipulating the redirectUrl parameter can trigger a cross-site scripting (XSS) vulnerability. Root cause: improper handling of redirectUrl within the login flow. Impact: rem...