Cross-Site Request Forgery Vulnerability in Progress WS_FTP Server
CVE-2022-36968
4.3MEDIUM
What is CVE-2022-36968?
The WS_FTP Server developed by Progress contains a vulnerability due to the absence of a nonce in forms within its administrative interface. This oversight may allow malicious actors to exploit the application through cross-site request forgery (CSRF) attacks, potentially leading to unauthorized actions being performed without the consent of the authenticated user. It is crucial for users of versions prior to 8.7.3 to address this vulnerability to maintain the integrity and security of their systems.