Cross-site scripting (XSS) vulnerabilities have been reported to affect SFTPGo WebClient. If exploited, this vulnerability allows remote attackers to inject malicious code.
Patches
Fixed in v2.3.5.
Severity
Moderate
CVE ID
CVE-2022-39220
Weaknesses
No CWEs
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.
Impact
Cross-site scripting (XSS) vulnerabilities have been reported to affect SFTPGo WebClient. If exploited, this vulnerability allows remote attackers to inject malicious code.
Patches
Fixed in v2.3.5.