WS_FTP Server <8.7.3: CSRF via missing Nonce in Admin Forms
CVE-2022-36968 Published on August 2, 2022

In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.

NVD

Products Associated with CVE-2022-36968

stack.watch emails you whenever new vulnerabilities are published in Progress Ipswitch Ws Ftp Server or Progress Ws Ftp Server. Just hit a watch button to start following.

Progress Ipswitch Ws Ftp Server

Progress Ws Ftp Server

Exploit Probability

EPSS

0.04%

Percentile

11.50%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

WS_FTP Server <8.7.3: CSRF via missing Nonce in Admin FormsCVE-2022-36968 Published on August 2, 2022

Products Associated with CVE-2022-36968

Exploit Probability

WS_FTP Server <8.7.3: CSRF via missing Nonce in Admin Forms
CVE-2022-36968 Published on August 2, 2022