CVE-2010-2428

Опубликовано: 24 июн. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:wftpserver:wing_ftp_server:*:*:*:*:*:*:*:*

Версия до 3.5.0 (включая)

cpe:2.3:a:wftpserver:wing_ftp_server:1.1:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:1.2:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:1.3:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:1.4:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:1.5:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:1.6:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:2.1:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:2.3:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:2.4:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.2.4:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.2.8:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.3.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.3.4:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.3.5:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.4.0:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.4.1:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.4.2:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.4.3:*:*:*:*:*:*:*

cpe:2.3:a:wftpserver:wing_ftp_server:3.4.5:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00747

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3rp2-pwr4-xjcw

github

больше 3 лет назад