Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-40048


In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.


Published

2023-09-27T15:19:00.010

Last Modified

2024-11-21T08:18:35.973

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-352
  • Type: Primary
    CWE-352

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application progress ws_ftp_server < 8.8.2 Yes

References