CVE-2008-3850
Accellion File Transfer FTA_7_0_135 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Eric Beaulieu · textwebappsphp
https://www.exploit-db.com/exploits/32290
References (4)
Scores
EPSS
0.0035
EPSS Percentile
56.8%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
accellion/secure_file_transfer_appliance
Timeline
Published
Aug 27, 2008
Tracked Since
Feb 18, 2026