Vulnerabilities > Accellion > FTA > 9.12.432

DATE CVE VULNERABILITY TITLE RISK
2021-03-02 CVE-2021-27730 Injection vulnerability in Accellion FTA
Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint.
network
low complexity
accellion CWE-74
critical
 9.8
9.8
2021-03-02 CVE-2021-27731 Cross-site Scripting vulnerability in Accellion FTA
Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint.
network
low complexity
accellion CWE-79
6.1
6.1