VYPR
Unrated severityNVD Advisory· Published Dec 6, 2022· Updated Oct 22, 2024

CVE-2022-38379

CVE-2022-38379

Description

Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.

Affected products

2
  • Fortinet/Fortisoarllm-fuzzy2 versions
    >=7.0.0 <=7.0.3, =7.2.0+ 1 more
    • (no CPE)range: >=7.0.0 <=7.0.3, =7.2.0
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.