6 matches found
CVE-2024-48893
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...
CVE-2024-48893
creationtimestamp| type| source ---|---|--- 2025-01-14 14:17:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgx36hjj2r 2025-01-14 15:39:39+00:00| seen| https://t.me/cvedetector/15256 2025-01-14 16:28:27+00:00| seen|...
CVE-2024-48893
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...
CVE-2024-48893
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...
CVE-2024-48893
FortiSOAR is affected by CVE-2024-48893 due to improper neutralization of input during web page generation (CWE-79), enabling stored XSS via creation of a malicious playbook. Affected versions are FortiSOAR 7.3.0–7.3.3 and 7.2.1–7.2.2. The issue arises from insufficient input validation in the we...
CVE-2024-48893
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...