Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:3 a.m.10 views

CVE-2024-48893

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...

6.8CVSS5.5AI score0.00447EPSS
Exploits0References1
Circl
Circl
added 2025/01/14 2:17 p.m.8 views

CVE-2024-48893

creationtimestamp| type| source ---|---|--- 2025-01-14 14:17:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgx36hjj2r 2025-01-14 15:39:39+00:00| seen| https://t.me/cvedetector/15256 2025-01-14 16:28:27+00:00| seen|...

6.8CVSS5.3AI score0.00447EPSS
Exploits0References4
NVD
NVD
added 2025/01/14 2:15 p.m.22 views

CVE-2024-48893

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...

6.8CVSS0.00447EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:8 p.m.16 views

CVE-2024-48893

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...

6.8CVSS0.00447EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:8 p.m.53 views

CVE-2024-48893

FortiSOAR is affected by CVE-2024-48893 due to improper neutralization of input during web page generation (CWE-79), enabling stored XSS via creation of a malicious playbook. Affected versions are FortiSOAR 7.3.0–7.3.3 and 7.2.1–7.2.2. The issue arises from insufficient input validation in the we...

6.8CVSS6.2AI score0.00447EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/14 2:8 p.m.9 views

CVE-2024-48893

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting XSS attack via the creation of malicious playbook...

6.8CVSS6.2AI score0.00447EPSS
Exploits0References1
Rows per page
Query Builder