Floragasse 7 – 5th floor, 1040 Vienna
Subscribe to our Newsletter


SBA Security Advisory – Monsta FTP – Stored Cross-Site Scripting (CVE-2020-14055)

Vulnerability Overview

Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.

  • Type of Vulnerability: Cross-site Scripting
  • CVSSv3.1 Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
  • CVSSv3.1 Base Score: 8.2 (High)


Full Security Advisory