Published: 2017/04/07  Last Updated: 2017/04/07

Information from Gaku

Vulnerability ID:JVN#64451600
Title:Tablacus Explorer vulnerable to script injection
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

A vulnerability of script injection was found in Tablacus Explorer 17.3.30 or earlier.
When open a malicious FTP site, arbitrary script will be executed.
If you are using earlier version, please update it promptly.
Best regards,

We provide information on this issue at the following URL (Japanese)
http://tablacus.hatenablog.com/entry/2017/04/05/200424