Secure File Transfer Security Vulnerabilities and Issues — Secure File Transfer CVE List

Lucene search

BiscomSecure File Transfer

3 matches found

CVE•added 2017/06/28 1:29 p.m.•36 views

CVE-2017-5241

Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting (XSS) in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has b...

5.4CVSS5.1AI score0.00388EPSS

CVE•added 2017/07/18 6:29 p.m.•36 views

CVE-2017-5246

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authenticated user who views...

4.3CVSS4.5AI score0.0028EPSS

CVE•added 2017/07/18 6:29 p.m.•35 views

CVE-2017-5247

Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a filename that contains standard HTML scripting tags. The resulting script will evaluated by any other authenticated...

5.4CVSS5.2AI score0.00224EPSS