VDB

CNVD-2025-00411

CNVD-2025-00411 PUBLISHED CVSS 6.400000095367432 MEDIUM

Fortinet FortiSOAR是美国飞塔(Fortinet)公司的一种安全编排、自动化和响应(SOAR) 解决方案。 Fortinet FortiSOAR存在跨站脚本漏洞,该漏洞源于在网页生成过程中输入不正确中和。远程攻击者可利用该漏洞通过通信模块注入任意Web脚本。

Risk Scores

CVSS v3.1
6.400000095367432
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X

Affected Products

VendorProductVersions
FortinetFortiSOAR7.3.0, 6.4.3, 6.4.0

Timeline

  • Aug 13, 2024 CVE Published
  • Aug 13, 2024 PoC Published
  • Aug 29, 2024 CVE ID Reserved

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›