CVE-2024-48893
published 2025-01-14CVE-2024-48893: An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortisoar | — | — |
| fortinet | fortisoar | 7.2.1 – 7.3.3 | — |
| fortinet | fortisoar | 7.3.0 – 7.3.3 | — |