CVE-2025-22855

LOW Year: 2025
CVSS v3 Score
2.7
Low
Weakness Type
CWE-79
View all →

Vulnerability Description

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages containing javascript code.

Related Vulnerabilities

CVE-2016-0370

LOW
CVSS:2.7(Low)

Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an a...

CWE-792016

CVE-2018-0532

LOW
CVSS:2.7(Low)

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.

CWE-792018

CVE-2022-4617

LOW
CVSS:2.7(Low)

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.

CWE-792022

CVE-2023-5896

LOW
CVSS:2.7(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4.

CWE-792023

CVE-2023-5903

LOW
CVSS:2.7(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CWE-792023

CVE-2023-5904

LOW
CVSS:2.7(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CWE-792023