CVE-2022-38379

Name of the Vulnerable Software and Affected Versions FortiSOAR versions 7.0.0 through 7.0.3 FortiSOAR version 7.2.0

Description The issue is related to improper neutralization of input during web page generation, which may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.

Recommendations For FortiSOAR versions 7.0.0 through 7.0.3, consider restricting access to input fields of various components to minimize the risk of exploitation. For FortiSOAR version 7.2.0, consider restricting access to input fields of various components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.