| Titel | iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS) |
|---|
| Beschreibung | Stored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter.
See link to detailed explanation and proof of concept. |
|---|
| Quelle | ⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md |
|---|
| Benutzer | Anonymous User |
|---|
| Einreichung | 04.04.2024 15:26 (vor 2 Jahren) |
|---|
| Moderieren | 05.04.2024 17:00 (1 day later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 259501 [iboss Secure Web Gateway bis 10.1 Login Portal /login redirectUrl Cross Site Scripting] |
|---|
| Punkte | 17 |
|---|