Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2016-9499
- EPSS 0.51%
- Published 13.07.2018 20:29:02
- Last modified 21.11.2024 03:01:20
Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them.
6.1
CVE-2016-9500
- EPSS 0.75%
- Published 13.07.2018 20:29:02
- Last modified 21.11.2024 03:01:20
Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.
1