Ipswitch · Ipswitch Ws Ftp · CVE-2007-4555
**Name of the Vulnerable Software and Affected Versions**
Ipswitch WS FTP (affected versions not specified)
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via arguments to a valid command. This command is not properly handled when displayed by the view log option in the administration interface, which can be leveraged to create a new admin account.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.