HTML Injection Vulnerability in FortiSOAR 7.0.0 - 7.0.3 and 7.2.0
CVE-2022-38379 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.
Learn more about our Web App Pen Testing.