Submeter #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)informação

Títuloiboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
DescriçãoStored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
Fonte⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
Utilizador
 Anonymous User
Submissão04/04/2024 15h26 (há 2 anos)
Moderação05/04/2024 17h00 (1 day later)
EstadoAceite
Entrada VulDB259501 [iboss Secure Web Gateway até 10.1 Login Portal /login redirectUrl Script de Site Cruzado]
Pontos17

Interested in the pricing of exploits?

See the underground prices here!