Tuesday, June 1, 2010

Wing FTP Server XSS vulnerability by w01f Labs

New finding from the w01f Labs, the Wing FTP Server was found to be vulnerable to Cross Site Scripting(XSS) vulnerability, which could be exploited using malicious scripts.

Discovered Date: May 31, 2010
System affected: Wing FTP Server for Windows, Version 3.5.0 and prior version

For more detail on this vulnerability, visit my research site - w01f Labs

References:
- SecurityFocus: Wing FTP Server 'admin_loginok.html' HTML Injection Vulnerability
- Bugtraq: Wing FTP Server - Cross Site Scripting Vulnerability

No comments: