Cross-Site Scripting (XSS) Vulnerability in NetWin SurgeFTP Version 23f2
CVE-2017-17933 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.
Learn more about our Web App Pen Testing.