Vulnerabilities > Cerberusftp > FTP Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2019-25046 | Cross-site Scripting vulnerability in Cerberusftp FTP Server The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document. | 6.1 |
| 2020-01-14 | CVE-2020-5194 | Authorization Bypass Through User-Controlled Key vulnerability in Cerberusftp FTP Server 8.0 The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permission to use the zip functionality via an unrestricted API endpoint. | 5.4 |
| 2020-01-13 | CVE-2020-5195 | Cross-site Scripting vulnerability in Cerberusftp FTP Server Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. | 6.1 |