Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52967

An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection.

Published

2025-01-14T14:15:33.967

Last Modified

2025-02-03T21:59:09.277

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.5 (LOW)

Weaknesses

Type: Secondary
CWE-80
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fortinet	fortiportal	< 6.0.15	Yes

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-211 Vendor Advisory ([email protected])