CVE-2023-26211

Description

An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module.

References

https://fortiguard.com/psirt/FG-IR-23-088

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS