Vulnerabilities > Ftapi

DATE CVE VULNERABILITY TITLE RISK
2021-03-19 CVE-2021-25278 Cross-site Scripting vulnerability in Ftapi
FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Background Image upload feature in the Submit Box Template Editor.
network
low complexity
ftapi CWE-79
4.8
2021-03-19 CVE-2021-25277 Cross-site Scripting vulnerability in Ftapi
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component.
network
low complexity
ftapi CWE-79
6.1