CVE-2008-7012

Name of the Vulnerable Software and Affected Versions Accellion File Transfer Appliance versions FTA 7 0 178 through FTA 7 0 189

Description The issue allows remote attackers to send spam email. This is achieved by modifying the description and client email parameters in the courier/1000@/api error email.html page, also known as the error reporting page.

Recommendations For versions FTA 7 0 178 through FTA 7 0 189, consider restricting access to the courier/1000@/api error email.html page until a fix is available. As a temporary workaround, avoid using the description and client email parameters in the affected page to minimize the risk of exploitation.