CVE-2022-39197: Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS)

Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability. Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.

• CISA KEV-listed (remediation due 2023-04-20)
• EPSS 19.6% (95.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions