Invia #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)informazioni

Titoloiboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
DescrizioneStored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
Fonte⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
Utente
 Anonymous User
Sottomissione04/04/2024 15:26 (2 anni fa)
Moderazione05/04/2024 17:00 (1 day later)
StatoAccettato
Voce VulDB259501 [iboss Secure Web Gateway fino a 10.1 Login Portal /login redirectUrl cross site scripting]
Punti17

Do you know our Splunk app?

Download it now for free!