CVE-2024-22397

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code...

CVE-2024-22397

This CVE affects SonicOS SSLVPN Portal (SonicWall) and is a Stored Cross-Site Scripting flaw. Root cause: improper neutralization of input during web page generation. Impact: an authenticated remote attacker with firewall admin privileges can store and execute arbitrary JavaScript in the context ...