{"uuid": "04f2678f-19d1-4c5c-89cb-1fe7a9f8ea39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11922", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11922\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to version 7.8.0 allows an attacker with permission to trigger emails to\u00a0insert arbitrary HTML or JavaScript into an email.\n\ud83d\udccf Published: 2025-04-28T20:57:37.388Z\n\ud83d\udccf Modified: 2025-04-28T20:57:37.388Z\n\ud83d\udd17 References:\n1. https://www.fortra.com/security/advisories/product-security/fi-2025-005", "creation_timestamp": "2025-04-28T21:11:05.000000Z"}