Security Advisory

CVE-2026-25972

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-10 16:44:19

Last updated 2026-03-12 14:28:02

Assigner fortinet

State PUBLISHED

Description

An improper neutralization of input during web page generation (cross-site scripting) vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4 may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.

← Browse all CVEs View on cve.org ↗