Fortra Filecatalyst Direct
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Fortra Filecatalyst Direct.
By the Year
In 2026 there have been 0 vulnerabilities in Fortra Filecatalyst Direct. Filecatalyst Direct did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 5.70 |
It may take a day or so for new Filecatalyst Direct vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fortra Filecatalyst Direct Security Vulnerabilities
FileCatalyst Direct 3.8.8 ASG WebServer XSS via Unsanitized URL
CVE-2024-25155
6.1 - Medium
- March 13, 2024
In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subsequent error page. A malicious actor could craft a URL which would then execute arbitrary code within an HTML script tag.
XSS
FileCatalyst Direct 3.8.8- prior: Improper URL Validation Path Traversal
CVE-2024-25154
5.3 - Medium
- March 13, 2024
Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fortra Filecatalyst Direct or by Fortra? Click the Watch button to subscribe.
