WS_FTP Server <8.7.3: Reflected XSS in Admin Web Interface
CVE-2022-36967 Published on August 2, 2022

In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator's web session. This would allow the attacker to execute code within the context of the victim's browser.

NVD

Products Associated with CVE-2022-36967

stack.watch emails you whenever new vulnerabilities are published in Progress Ipswitch Ws Ftp Server or Ipswitch Ws Ftp Server. Just hit a watch button to start following.

Progress Ipswitch Ws Ftp Server

Ipswitch Ws Ftp Server

Exploit Probability

EPSS

0.01%

Percentile

0.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

WS_FTP Server <8.7.3: Reflected XSS in Admin Web InterfaceCVE-2022-36967 Published on August 2, 2022

Products Associated with CVE-2022-36967

Exploit Probability

WS_FTP Server <8.7.3: Reflected XSS in Admin Web Interface
CVE-2022-36967 Published on August 2, 2022