FloosieTek FTGatePro 1.22 – Mail Server Cross-Site Scripting

FloosieTek FTGatePro 1.22 – Mail Server Cross-Site Scripting

漏洞ID 1054137 漏洞类型
发布时间 2003-09-02 更新时间 2003-09-02
图片[1]-FloosieTek FTGatePro 1.22 – Mail Server Cross-Site Scripting-安全小百科CVE编号 N/A
图片[2]-FloosieTek FTGatePro 1.22 – Mail Server Cross-Site Scripting-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23092
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8528/info

FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerability. A remote attacker could exploit this issue by enticing a legitimate user of the mail server to follow a malicious link with embedded HTML and script code. The attacker-supplied code would potentially be rendered in the user's browser when the link is followed.

This issue exists in the web administrative interface, which listens on port 8089 by default. 

http://www.example.com:8089/help/index.fts?href=<script>alert('C.S.S')</script>

相关推荐: KDE kppp访问控制漏洞

KDE kppp访问控制漏洞 漏洞ID 1207262 漏洞类型 缓冲区溢出 发布时间 1998-11-18 更新时间 1998-11-18 CVE编号 CVE-1999-1107 CNNVD-ID CNNVD-199811-014 漏洞平台 N/A CVSS…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享