CVE-2024-52967
LOWDescription
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortiportal |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-52967? +
How severe is CVE-2024-52967? +
What products are affected by CVE-2024-52967? +
How do I check if I'm vulnerable to CVE-2024-52967? +
Related Vulnerabilities
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover …
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen …
The GDPR cookies module for Backdrop CMS (before 1.x-1.3.5) doesn't sufficiently protect visitors from Cross Site Scripting (XSS) if a …
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting …
It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. …
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in …