THREATOPS
THREAT OPSCVEs › CVE-2022-39197

CVE-2022-39197 — Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability

CISA KEVExploited: confirmedFortra

Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.

Vulnerability details