Download
| Alert*
oval:org.secpod.oval:def:600755
Nicola Fioravanti discovered that F*X, a web service for transferring very large files, is not properly sanitizing input parameters of the "fup" script. An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters. oval:org.secpod.oval:def:600740 It was discovered that the last security update for F*X, DSA-2414-1, introduced a regression. Updated packages are now available to address this problem. |