Cross-site scripting (XSS) vulnerabilities have been reported to affect SFTPGo WebClient. If exploited, this vulnerability allows remote attackers to inject malicious code.
Fixed in v2.3.5.
{ "github_reviewed": true, "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed_at": "2022-09-20T21:22:55Z", "nvd_published_at": "2022-09-20T22:15:00Z" }