In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.
2023-09-27T15:19:00.010
2024-11-21T08:18:35.973
Modified
CVSSv3.1: 6.8 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | progress | ws_ftp_server | < 8.8.2 | Yes |