CVE-2022-36967

Name of the Vulnerable Software and Affected Versions WS FTP Server versions prior to 8.7.3

Description The administrative web interface of WS FTP Server contains multiple reflected cross-site scripting (XSS) vulnerabilities. A remote attacker can inject arbitrary JavaScript into a WS FTP administrator's web session, allowing the execution of code within the context of the victim's browser.

Recommendations For versions prior to 8.7.3, update to version 8.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative web interface to minimize the risk of exploitation.