An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-211 |
History
Tue, 14 Jan 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 14 Jan 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection. | |
Weaknesses | CWE-80 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2025-01-14T14:09:44.113Z
Updated: 2025-01-14T20:54:08.452Z
Reserved: 2024-11-18T13:36:52.465Z
Link: CVE-2024-52967
Vulnrichment
Updated: 2025-01-14T15:15:04.135Z
NVD
Status : Received
Published: 2025-01-14T14:15:33.967
Modified: 2025-01-14T14:15:33.967
Link: CVE-2024-52967
Redhat
No data.