Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Improper neutralization of input during web page generation ('cross-site scripting') vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Fortinet FortiSOAR 跨站脚本漏洞
Vulnerability Description
req等都是(roc)个人开发者的产品。req是一个使用 Black Magic 的简单 Go HTTP 客户端。TanStack form等都是(TanStack)开源的产品。form是一个表单状态管理程序。Meta Incubator below等都是(Meta Incubator)开源的产品。below是一个现代 Linux 系统的资源监视器。 Fortinet FortiSOAR 7.6.1及之前版本、7.5.1及之前版本、7.4所有版本、7.3所有版本、7.2所有版本、7.0所有版本和6.4所有
CVSS Information
N/A
Vulnerability Type
N/A