CVE-2016-9499 The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting.
Accellion FTP server prior to version FTA912220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them...