CVE-2022-36967

Published: Aug 2, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator's web session. This would allow the attacker to execute code within the context of the victim's browser.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.progress.com/ws_ftp

x_refsource_MISC

https://community.progress.com/s/article/WS-FTP-Server-Critical-Security-Product-Alert-Bulletin-June-2022

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-36967

Description

Affected Products

References