Описание
Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.
Ссылки
- Third Party AdvisoryUS Government Resource
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до fta_9_12_220 (исключая)
cpe:2.3:a:accellion:ftp_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00745
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-80
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.
EPSS
Процентиль: 73%
0.00745
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-80
CWE-79