漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
WS_FTP Server Stored Cross-Site Scripting Vulnerability
Vulnerability Description
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
WS_FTP Server 跨站脚本漏洞
Vulnerability Description
Progress Software WS_FTP Server是美国Progress Software公司的一个有效的、高度可管理的 FTP 服务器。 WS_FTP Server 8.8.2之前版本存在跨站脚本漏洞。攻击者利用该漏洞在受害者浏览器环境中执行恶意JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A