Description
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields could store script content that may be rendered as HTML instead of safely escaped text when the affected Asset View UI content is displayed.
Published: 2026-06-23
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an authenticated user who has sufficient privileges to add or edit node or database configuration fields in Fortra File Integrity Monitoring (FIM) to embed script content into the Asset View UI. When the UI is rendered, the browser interprets the stored content as HTML and executes the injected script, potentially allowing the attacker to hijack the viewing user's session, exfiltrate data or bypass authentication. The underlying weakness is user input that is not properly escaped when it is displayed (CWE-79). The impact is to the confidentiality and integrity of information accessed through the affected UI, and it could lead to session compromise for any user who views the Asset View page.

Affected Systems

All installations of Fortra File Integrity Monitoring (FIM), formerly known as Tripwire Enterprise, in versions prior to 9.4.0.1 that use the Asset View UI component.

Risk and Exploitability

The CVSS score is 5.5, and the vulnerability is not currently listed in KEV. No EPSS score is available, so the likelihood of exploitation is not quantified. The attack requires legitimate authentication to a FIM instance and permission to edit node or database configuration. Once those conditions are met, the attacker can store a persistent XSS payload that triggers for any user who views the affected Asset View page, including users with elevated privileges.

Generated by OpenCVE AI on June 24, 2026 at 09:19 UTC.

Remediation

Vendor Solution

Upgrade to version 9.4.0.1 or later.


OpenCVE Recommended Actions

  • Upgrade the Fortra File Integrity Monitoring product to version 9.4.0.1 or newer, which removes the vulnerable code.
  • Restrict or sanitize the input fields that allow configuration of node or database properties, treating all user-supplied data as plain text and escaping HTML characters before storage.
  • Audit and enforce least-privilege permissions so that only trusted administrators can create or modify configuration entries that appear in the Asset View UI.
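The escaping that the recommended actions describe, shown as an added example that is not code from Fortra FIM or OpenCVE: it applies HTML escaping at the point a stored node field is rendered into an Asset View-style table. The node record shape, the field names and the row renderer are assumptions made for illustration.

```javascript
// Added example (not Fortra/OpenCVE code): HTML-escape stored configuration
// fields before they are placed into Asset View-style markup. The node shape,
// the field names and the renderer are assumptions for illustration.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change HTML structure or break out of
// an attribute value; everything else passes through unchanged.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: a stored field is interpolated straight into markup, so
// a description saved by a privileged user is rendered as HTML (CWE-79).
function renderNodeRowUnsafe(node) {
  return `<tr><td>${node.name}</td><td>${node.description}</td></tr>`;
}

// Hardened pattern: every stored field is escaped where it is rendered, so
// markup saved in a configuration field is displayed as literal text.
function renderNodeRowSafe(node) {
  return `<tr><td>${escapeHtml(node.name)}</td><td>${escapeHtml(node.description)}</td></tr>`;
}

// Constructed sample record: a description that a user with edit rights saved
// with a script tag in it (a test value, not a payload from the advisory).
const SAMPLE_NODE = {
  name: 'db-prod-01',
  description: 'Primary DB <script>alert(1)</script>',
};

// Detection helper for a rendering test: does the produced HTML still carry
// a raw script tag?
function emitsRawScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log(renderNodeRowUnsafe(SAMPLE_NODE)); // script tag survives
console.log(renderNodeRowSafe(SAMPLE_NODE));   // script tag is escaped
```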

Generated by OpenCVE AI on June 24, 2026 at 09:19 UTC.

Advisories

No advisories yet.

History

Tue, 23 Jun 2026 22:30:00 +0000

Type: Description
  Values removed: (empty)
  Values added: Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields could store script content that may be rendered as HTML instead of safely escaped text when the affected Asset View UI content is displayed.

Type: Title
  Values removed: (empty)
  Values added: Stored XSS in Fortra File Integrity Monitoring (FIM)

Type: Weaknesses
  Values removed: (empty)
  Values added: CWE-79

Type: References
  Values removed: (empty)
  Values added: (empty)

Type: Metrics
  Values removed: (empty)
  Values added: cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N'}



MITRE

Status: PUBLISHED

Assigner: Fortra

Published:

Updated: 2026-06-23T22:35:15.965Z

Reserved: 2026-06-12T19:31:33.795Z

Link: CVE-2026-12163

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T09:30:06Z

Weaknesses
  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')