Medium severity5.4NVD Advisory· Published Apr 21, 2026· Updated Apr 29, 2026
CVE-2026-0972
CVE-2026-0972
Description
HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0.
Note: The title, details, and description of this CVE were corrected post-publishing.
Affected products
1- cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:*Range: <7.10.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.