Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2021-25277

Disclosure Date: March 19, 2021 (last updated February 22, 2025)
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-25278

Disclosure Date: March 19, 2021 (last updated February 22, 2025)
FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Background Image upload feature in the Submit Box Template Editor.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0