Exploit FloosieTek FTGatePro 1.22 - Mail Server Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23092
Проверка EDB
  1. Пройдено
Автор
ZIV KAMIR
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
N/A
Дата публикации
2003-09-02
Код:
source: https://www.securityfocus.com/bid/8528/info

FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerability. A remote attacker could exploit this issue by enticing a legitimate user of the mail server to follow a malicious link with embedded HTML and script code. The attacker-supplied code would potentially be rendered in the user's browser when the link is followed.

This issue exists in the web administrative interface, which listens on port 8089 by default. 

http://www.example.com:8089/help/index.fts?href=<script>alert('C.S.S')</script>
 
Источник
www.exploit-db.com

Похожие темы