HTML Injection Vulnerability in FortiSOAR 7.0.0 - 7.0.3 and 7.2.0

HTML Injection Vulnerability in FortiSOAR 7.0.0 - 7.0.3 and 7.2.0

CVE-2022-38379 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.

Learn more about our Web App Pen Testing.