Security Advisory

CVE-2017-8760

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-05-05 18:00:00

Last updated 2024-08-05 16:48:21

Assigner mitre

State PUBLISHED

Description

An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is XSS in courier/1000@/index.html with the auth_params parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to the payloads, e.g., URL encoding.

← Browse all CVEs View on cve.org ↗