Lucene search
PRIOn knowledge basePRION:CVE-2023-40047HistorySep 27, 2023 - 3:18 p.m.
Cross site scripting
2023-09-2715:18:00
PRIOn knowledge base
www.prio-n.com
4
ws_ftp server
cross-site scripting
xss
ssl certificate
administrative privileges
malicious javascript
nvd
In WS_FTP Server version prior to 8.8.2,Β a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Serverβs Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.Β Once the cross-site scripting payload is successfully stored,Β Β an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ws_ftp_server | lt | 8.8.2 |
Related
nvd
nvd
CVE-2023-40047
2023-09-27 15:18:58
cve
cve
CVE-2023-40047
2023-09-27 15:18:58
cvelist
cvelist
CVE-2023-40047 WS_FTP Server Stored Cross-Site Scripting Vulnerability
2023-09-27 14:50:55
nessus
nessus
Progress WS_FTP Server < 8.8.2 Multiple Vulnerabilities
2023-10-04 00:00:00
thn
thn
rapid7blog
rapid7blog
Critical Vulnerabilities in WS_FTP Server
2023-09-29 13:33:05