Iboss · Iboss Secure Web Gateway · CVE-2024-3378
**Name of the Vulnerable Software and Affected Versions**
iboss Secure Web Gateway versions up to 10.1
**Description**
A cross-site scripting vulnerability has been found in the Login Portal component of the iboss Secure Web Gateway. It affects unspecified functionality of the "/login" file: manipulating the `redirectUrl` argument leads to cross-site scripting. The attack can be launched remotely.
**Recommendations**
Upgrade iboss Secure Web Gateway installations running versions up to 10.1 to version 10.2.0.160 to address this issue. As a temporary workaround until the upgrade is applied, consider restricting access to the "/login" endpoint or preventing manipulation of the `redirectUrl` argument.
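
One way to implement the temporary workaround, as an added example (not iboss code and not part of the original advisory): a filter placed in front of the portal that lets a "/login" request through only when every `redirectUrl` value is a plain same-site path. It assumes the parameter arrives in the query string and that legitimate values are relative paths; the function names and sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate redirectUrl values are same-site relative paths.
# Allowlist: one leading "/", not followed by a second "/", then only
# path/query characters. No ":", "\", "%", quotes or angle brackets, so
# schemes, scheme-relative URLs, markup and double-encoding all fail.
_SAFE_REDIRECT = re.compile(r"/(?!/)[A-Za-z0-9/_.~?=&-]*")


def is_safe_redirect(value: str) -> bool:
    """True only for a plain same-site path such as /reports?id=7."""
    return _SAFE_REDIRECT.fullmatch(value) is not None


def check_login_request(target: str) -> str:
    """Return 'allow' or 'block' for a request target (path plus query)."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != "/login":
        return "allow"  # only the endpoint named in the advisory is filtered
    # parse_qs percent-decodes once and keeps every repeated parameter,
    # so a safe first value cannot hide an unsafe second one.
    values = parse_qs(parts.query).get("redirectUrl", [])
    return "allow" if all(is_safe_redirect(v) for v in values) else "block"


# Constructed sample requests (not taken from the advisory or real traffic).
SAMPLES = [
    "/login?redirectUrl=/dashboard",
    "/login?redirectUrl=%2Freports%3Fid%3D7",
    "/login?redirectUrl=javascript:void(0)",
    "/login?redirectUrl=%22%3E%3Cb%3E",
    "/login?redirectUrl=//example.net/",
    "/login?redirectUrl=/x%253Cb%253E",
    "/login?redirectUrl=/a&redirectUrl=https://example.net/",
]


def triage(targets):
    """Map each request target to its verdict, preserving input order."""
    return {t: check_login_request(t) for t in targets}


if __name__ == "__main__":
    for target, verdict in triage(SAMPLES).items():
        print(f"{verdict:5}  {target}")
```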