Soumettre #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)information

Titreiboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
DescriptionStored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
La source⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
Utilisateur
 Anonymous User
Soumission04/04/2024 15:26 (il y a 2 ans)
Modérer05/04/2024 17:00 (1 day later)
StatutAccepté
Entrée VulDB259501 [iboss Secure Web Gateway jusqu’à 10.1 Login Portal /login redirectUrl cross site scripting]
Points17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!