In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
2023-09-27T15:18:57.897
2024-11-21T08:18:35.550
Modified
CVSSv3.1: 8.3 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | progress | ws_ftp_server | < 8.7.4 | Yes |
Application | progress | ws_ftp_server | < 8.8.2 | Yes |