Unrated severityNVD Advisory· Published Jun 11, 2024· Updated Aug 27, 2025
CVE-2024-23111
CVE-2024-23111
Description
An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<=7.4.2, 7.2.*, 7.0.*+ 1 more
- (no CPE)range: <=7.4.2, 7.2.*, 7.0.*
- (no CPE)range: 7.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.