Vulnerabilities > Accellion > Secure File Transfer Appliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-02-19 | CVE-2009-4647 | Cross-Site Scripting vulnerability in Accellion Secure File Transfer Appliance Cross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance before 7_0_296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs. | 4.3 |
| 2008-08-27 | CVE-2008-3850 | Cross-Site Scripting vulnerability in Accellion Secure File Transfer Appliance 70135 Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html. | 4.3 |