Vulnerability Details CVE-2022-36967
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator's web session. This would allow the attacker to execute code within the context of the victim's browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.6%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2022-36967
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.1.e
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.2.e
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.3
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.4
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:1.0.5
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:2.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:2.0.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:2.0.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:2.0.3
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:2.0.4
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.1.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.1.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.1.3
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:3.4
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:4.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:4.0.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:4.0.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:5.0.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:5.0.3
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:5.0.4
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:5.0.5
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:5.0.8
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:6.1.0.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:6.1.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.5
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.5.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.6
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.6.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.6.2.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.6.3
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:7.7
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.0.1
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.0.2
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.5
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.5.4
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.6.0
-
cpe:2.3:a:progress:ipswitch_ws_ftp_server:8.6.1