In WS_FTP Server version prior to 8.8.2,Β a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Serverβs Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.Β Once the cross-site scripting payload is successfully stored,Β Β an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
CPE | Name | Operator | Version |
---|---|---|---|
ws_ftp_server | lt | 8.8.2 |