id: CVE-2019-19368 info: name: Rumpus FTP Web File Manager 8.2.9.1 XSS author: madrobot severity: medium description: A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts reference: https://github.com/harshit-shukla/CVE-2019-19368/ tags: cve,cve2019,xss requests: - method: GET path: - "{{BaseURL}}/Login?!'>" part: body