Отправить #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)Информация

Названиеiboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
ОписаниеStored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
Источник⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
Пользователь
 Anonymous User
Представление04.04.2024 15:26 (2 лет назад)
Модерация05.04.2024 17:00 (1 day later)
Статуспринято
Запись VulDB259501 [iboss Secure Web Gateway до 10.1 Login Portal /login redirectUrl межсайтовый скриптинг]
Баллы17

Do you need the next level of professionalism?

Upgrade your account now!