Vulnerability Details CVE-2024-52967
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.0%
CVSS Severity
CVSS v3 Score 3.5
Products affected by CVE-2024-52967
-
cpe:2.3:a:fortinet:fortiportal:6.0.0
-
cpe:2.3:a:fortinet:fortiportal:6.0.1
-
cpe:2.3:a:fortinet:fortiportal:6.0.10
-
cpe:2.3:a:fortinet:fortiportal:6.0.11
-
cpe:2.3:a:fortinet:fortiportal:6.0.12
-
cpe:2.3:a:fortinet:fortiportal:6.0.13
-
cpe:2.3:a:fortinet:fortiportal:6.0.14
-
cpe:2.3:a:fortinet:fortiportal:6.0.2
-
cpe:2.3:a:fortinet:fortiportal:6.0.3
-
cpe:2.3:a:fortinet:fortiportal:6.0.4
-
cpe:2.3:a:fortinet:fortiportal:6.0.5
-
cpe:2.3:a:fortinet:fortiportal:6.0.6
-
cpe:2.3:a:fortinet:fortiportal:6.0.7
-
cpe:2.3:a:fortinet:fortiportal:6.0.8
-
cpe:2.3:a:fortinet:fortiportal:6.0.9