Skip to main content

Ipswitch Ws Ftp Server

2 CVEs product

Monthly

CVE-2022-36968 MEDIUM This Month

In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Ipswitch Ws Ftp Server
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-36967 MEDIUM This Month

In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ipswitch Ws Ftp Server
NVD
CVSS 3.1
6.1
EPSS
0.6%
EPSS 0% CVSS 4.3
MEDIUM This Month

In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Ipswitch Ws Ftp Server
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ipswitch Ws Ftp Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy