3 matches found
Fortinet FortiClient EMS 7.2.x / 7.4.x < 7.4.3 XSS (FG-IR-23-344)
The version of Fortinet FortiClient EMS installed on the remote host is 7.2.1 through 7.2.9 or 7.4.x prior to 7.4.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-344 advisory: - An improper neutralization of input during web page generation 'Cross-site Scripting'...
CVE-2025-22855
An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages containing javascript code...
CVE-2025-22855
Fortinet FortiClient EMS (FortiClient EMS) suffers a Cross-site Scripting (CWE-79) flaw due to improper input neutralization during web page generation. Affected versions include FortiClient EMS before 7.4.1 (per Fortinet/FG-IR-23-344) and FortiClient EMS 7.2.x/7.4.x up to 7.4.3 (per Nessus FG-IR...