CNNVD-202508-1258 Information

CNNVD ID

CNNVD-202508-1258

Related CVE

CVE-2025-32932

• CNNVD Published: 2025-08-12

Description (Chinese)

Fortinet FortiSOAR是美国飞塔（Fortinet）公司的一种安全编排、自动化和响应 (SOAR) 解决方案。 Fortinet FortiSOAR 7.6.1及之前版本、7.5.1及之前版本、7.4所有版本、7.3所有版本、7.2所有版本、7.0所有版本和6.4所有版本存在跨站脚本漏洞，该漏洞源于输入中和不当，可能导致存储型跨站脚本攻击。

Description (English)

Fortinet FortiSOAR is a safe arrangement, automation and responsiveness (SOAR) solution for Fortinet. Fortinet FortiSAAR 7.6.1 and earlier, 7.5.1 and earlier, 7.4 in all, 7.3 in all, 7.2 in all, 7.0 in all, and 6.4 in all, there is a cross-site script loophole, which originates in in inappropriate input and may result in a storage-type cross-station script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

飞塔

Published

2025-08-12

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-513 https://access.redhat.com/security/cve/cve-2025-32932

Patch

https://docs.fortinet.com/upgrade-tool/fortigate