提交 #310642: iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)信息

标题iboss Seure Web Gateway < 10.2.0 Stored cross-site scripting (XSS)
描述Stored cross-site scripting (XSS) in the login interface of iboss's Secure Web Gateway on versions before 10.2.0 allows remote attackers to inject arbitrary JavaScript via the redirectUrl parameter. See link to detailed explanation and proof of concept.
来源⚠️ https://github.com/modrnProph3t/PoC/blob/main/iboss-stored-XSS.md
用户
 Anonymous User
提交2024-04-04 15時26分 (2 年前)
管理2024-04-05 17時00分 (1 day later)
状态已接受
VulDB条目259501 [iboss Secure Web Gateway 直到 10.1 Login Portal /login redirectUrl 跨网站脚本]
积分17

Want to know what is going to be exploited?

We predict KEV entries!