Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-3850. PoCs published by Eric Beaulieu.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Accellion File Transfer by injecting a script tag into the 'forgot_password.html' page, which executes arbitrary JavaScript in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Accellion File Transfer by injecting a script tag into the 'forgot_password.html' page, which executes arbitrary JavaScript in the context of the affected site.