Vulnerabilities > Ftapi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2021-25278 | Cross-site Scripting vulnerability in Ftapi FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Background Image upload feature in the Submit Box Template Editor. | 3.5 |
| 2021-03-19 | CVE-2021-25277 | Cross-site Scripting vulnerability in Ftapi FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component. | 4.3 |