GCVE - cpe:2.3:a:accellion:fta:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:accellion:fta:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Accellion (`430c74a2-9aef-5e49-8a90-6fd4ceee7fe4`)
Product	Fta (`a76d812e-230d-59c5-b3d5-7df06d14ac8a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-27731`	vulnerable	2026-06-03 14:44:16.514561	Details available Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA_9_12_444 and later. Published: 2021-03-02T01:00:48.000Z Updated: 2024-08-03T21:26:10.802Z Open on db.gcve.eu Reference links https://github.com/accellion/CVEs/blob/main/CVE-2021-27731.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27730`	vulnerable	2026-06-03 14:44:16.514174	Details available Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later. Published: 2021-03-02T01:03:03.000Z Updated: 2024-08-03T21:26:10.750Z Open on db.gcve.eu Reference links https://github.com/accellion/CVEs/blob/main/CVE-2021-27730.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27104`	vulnerable	2026-06-03 14:44:09.580479	Details available Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. Published: 2021-02-16T20:16:42.000Z Updated: 2025-10-21T23:25:54.311Z Open on db.gcve.eu Reference links https://www.accellion.com/products/fta/ https://github.com/accellion/CVEs/blob/main/CVE-2021-27104.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27103`	vulnerable	2026-06-03 14:44:09.580036	Details available Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. Published: 2021-02-16T20:12:12.000Z Updated: 2025-10-21T23:35:25.287Z Open on db.gcve.eu Reference links https://www.accellion.com/products/fta/ https://github.com/accellion/CVEs/blob/main/CVE-2021-27103.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27102`	vulnerable	2026-06-03 14:44:09.579574	Details available Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. Published: 2021-02-16T20:07:45.000Z Updated: 2025-10-21T23:35:25.719Z Open on db.gcve.eu Reference links https://www.accellion.com/products/fta/ https://github.com/accellion/CVEs/blob/main/CVE-2021-27102.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-27101`	vulnerable	2026-06-03 14:44:09.578996	Details available Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. Published: 2021-02-16T20:02:39.000Z Updated: 2025-10-21T23:35:26.026Z Open on db.gcve.eu Reference links https://www.accellion.com/products/fta/ https://github.com/accellion/CVEs/blob/main/CVE-2021-27101.txt	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.