All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2022-39197
NONEKEVpublish date unavailable
CVSS / 10
// description
Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2023-03-30 00:00 UTC