| 标题 | iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS) |
|---|
| 描述 | Stored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter.
See link to detailed explanation and proof of concept. |
|---|
| 来源 | ⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md |
|---|
| 用户 | Anonymous User |
|---|
| 提交 | 2024-04-04 15時26分 (2 年前) |
|---|
| 管理 | 2024-04-05 17時00分 (1 day later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 259501 [iboss Secure Web Gateway 直到 10.1 Login Portal /login redirectUrl 跨网站脚本] |
|---|
| 积分 | 17 |
|---|