CVE-2024-27780

Name of the Vulnerable Software and Affected Versions: FortiSIEM versions 6.7 through 7.1

Description: The issue is related to multiple improper neutralization of input during web page generation, also known as cross-site scripting. This may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests. The incident page is particularly vulnerable to such attacks.

Recommendations: For FortiSIEM versions 6.7 through 7.1, consider disabling access to the incident page until a patch is available to prevent cross-site scripting attacks. Restrict access to the vulnerable web interface to minimize the risk of exploitation. Avoid using the web interface for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.