Vulnerabilities > Accellion > Medium

DATE CVE VULNERABILITY TITLE RISK
2010-02-19 CVE-2009-4647 Cross-Site Scripting vulnerability in Accellion Secure File Transfer Appliance
Cross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance before 7_0_296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs.
network
accellion CWE-79
4.3
2008-08-27 CVE-2008-3850 Cross-Site Scripting vulnerability in Accellion Secure File Transfer Appliance 70135
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
network
accellion CWE-79
4.3