Описание
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.
Ссылки
- Vendor Advisory
- ProductVendor Advisory
- Vendor Advisory
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.7.3 (исключая)
cpe:2.3:a:progress:ipswitch_ws_ftp_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00039
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.
EPSS
Процентиль: 12%
0.00039
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-352