Cross-Site Scripting (XSS) Vulnerability in FortiAuthenticator OWA Agent for Microsoft Version 2.2 and 2.1

CVE-2022-22304 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.

Learn more about our Web App Pen Testing.