CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-48893

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.6%

CVSS Severity

CVSS v3 Score 6.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-405

Products affected by CVE-2024-48893

Fortinet » Fortisoar » Version: 7.2.1

cpe:2.3:a:fortinet:fortisoar:7.2.1
Fortinet » Fortisoar » Version: 7.2.2

cpe:2.3:a:fortinet:fortisoar:7.2.2
Fortinet » Fortisoar » Version: 7.3.0

cpe:2.3:a:fortinet:fortisoar:7.3.0
Fortinet » Fortisoar » Version: 7.3.1

cpe:2.3:a:fortinet:fortisoar:7.3.1
Fortinet » Fortisoar » Version: 7.3.2

cpe:2.3:a:fortinet:fortisoar:7.3.2
Fortinet » Fortisoar » Version: 7.3.3

cpe:2.3:a:fortinet:fortisoar:7.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-48893

Products

Pricing

Contact Us