Cross-Site Scripting Vulnerability in Serv-U Web Client (CVE-2022-38106)
Security Advisory Summary
Cross-site scripting vulnerability in Serv-U versions 15.3.0 to 15.3.1 The vulnerability happens when a non-privileged user creates a new folder in Serv-U web client option and enters the payload.
Affected Products
- Serv-U 15.3.0
- Serv-U 15.3.1
Fixed Software Release
Acknowledgments
- Balaji Ayyasamy
Advisory Details
Severity
High
Advisory ID
First Published
12/15/2022
Fixed Version