Vulnerabilities > Accellion > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-14 | CVE-2022-24110 | Unspecified vulnerability in Accellion Managed File Transfer Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. | 6.5 |
2021-06-23 | CVE-2021-31585 | Unspecified vulnerability in Accellion Kiteworks 7.3.0 Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access. | 6.7 |
2021-03-02 | CVE-2021-27731 | Cross-site Scripting vulnerability in Accellion FTA Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. | 6.1 |
2018-07-13 | CVE-2016-9500 | Cross-site Scripting vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. | 6.1 |
2018-07-13 | CVE-2016-9499 | Information Exposure vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. | 5.3 |
2018-05-24 | CVE-2017-9421 | Improper Authentication vulnerability in Accellion Kiteworks Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token. | 6.5 |
2017-05-05 | CVE-2017-8795 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
2017-05-05 | CVE-2017-8792 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
2017-05-05 | CVE-2017-8791 | CRLF Injection vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |
2017-05-05 | CVE-2017-8788 | CRLF Injection vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.1 |