Unrated severityNVD Advisory· Published Apr 28, 2025· Updated Apr 28, 2025
Input Validation vulnerability in Web Client emails that do not go through Secure Mail
CVE-2024-11922
Description
Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to version 7.8.0 allows an attacker with permission to trigger emails to insert arbitrary HTML or JavaScript into an email.
Affected products
2<7.8.0+ 1 more
- (no CPE)range: <7.8.0
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- www.fortra.com/security/advisories/product-security/fi-2025-005mitrevendor-advisory
News mentions
0No linked articles in our index yet.