Fortinet FortiSOAR: Hackers could inject malicious code into web pages

CVE-2026-22154
Summary

FortiSOAR, a security orchestration platform, has a security flaw that could allow an attacker who has an account on the system to inject malicious code into web pages. This could be a serious issue for organizations that use FortiSOAR, as it could allow an attacker to steal sensitive information or take control of the system. Fortinet has released a patch to fix the issue, and users are advised to apply the update as soon as possible.

Original title
An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR P...
Original description
An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to perform a stored cross site scripting (XSS) attack via crafted HTTP Requests.
NVD CVSS 3.1: 4.6
Vulnerability type
CWE-79 Cross-site Scripting (XSS)
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026