IDCVSSSummaryLast (major) updatePublished
CVE-2017-5241 3.5
Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting (XSS) in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane
20-02-2020 - 22:15 28-06-2017 - 13:29
CVE-2017-5247 3.5
Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a filename that contains standard HTML scripting tags. The resulting
20-02-2020 - 22:15 18-07-2017 - 18:29
CVE-2020-8796 7.5
Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server.
16-03-2020 - 12:59 07-02-2020 - 20:15
CVE-2017-5246 4.0
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be ev
20-02-2020 - 22:15 18-07-2017 - 18:29
Back to Top Mark selected
Back to Top