VYPR
Unrated severityNVD Advisory· Published Apr 28, 2025· Updated Apr 28, 2025

Input Validation vulnerability in Web Client emails that do not go through Secure Mail

CVE-2024-11922

Description

Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to version 7.8.0 allows an attacker with permission to trigger emails to insert arbitrary HTML or JavaScript into an email.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.