CVE-2022-39187 MEDIUM

CVE-2022-39187: Rumpus - FTP server Reflected cross-site scripting (RXSS)

Vendor Rumpus
Product FTP server
Weakness CWE-79 · XSS
Published January 12, 2023
Last update April 8, 2025
View on NVD All CVEs

CVSS base score

6.8/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.

Key dates

02Disclosure timeline

January 12, 2023 CVE published
April 8, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-64613 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2022-39240 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in MyGraph CVE-2025-10580 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-38255 Socomec MOD3GP-SY-120K Cross-site Scripting CVE-2024-12521 Slotti Ajanvaraus <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting