CVE-2024-22397

Publication date

2024-03-14 03:23:52

Family

sonicwall

State

PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall admin user to store and execute arbitrary JavaScript code.