Vulnerabilities (CVE)

Filtered by vendor Accellion Subscribe
Filtered by product Ftp Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-9500 1 Accellion 1 Ftp Server 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.
CVE-2016-9499 1 Accellion 1 Ftp Server 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them.