Submit #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)info

Titeliboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
BeschreibungStored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
Quelle⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
Benutzer
 Anonymous User
Einreichung04.04.2024 15:26 (vor 2 Jahren)
Moderieren05.04.2024 17:00 (1 day later)
StatusAkzeptiert
VulDB Eintrag259501 [iboss Secure Web Gateway bis 10.1 Login Portal /login redirectUrl Cross Site Scripting]
Punkte17

Do you want to use VulDB in your project?

Use the official API to access entries easily!