VYPR
Unrated severityNVD Advisory· Published Aug 12, 2025· Updated Aug 13, 2025

CVE-2025-32932

CVE-2025-32932

Description

An Improper neutralization of input during web page generation ('cross-site scripting') vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Fortinet/Fortisoarv52 versions
    cpe:2.3:a:fortinet:fortisoar:7.6.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortisoar:7.6.1:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: <= 7.6.1, <= 7.5.1, 7.4 all, 7.3 all, 7.2 all, 7.0 all, 6.4 all

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.