CVE-2024-27780
published 2025-02-11CVE-2024-27780: Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions incident page may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortisiem | — | — |
| fortinet | fortisiem | 6.7.0 – 6.7.9 | — |
| fortinet | fortisiem | 7.0.0 – 7.0.3 | — |
| fortinet | fortisiem | 7.1.0 – 7.1.8 | — |