THREAT OPS › CVEs › CVE-2022-39197
CVE-2022-39197 — Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability
Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.
Vulnerability details
- Affected productsCobalt Strike
- KEV remediation due2023-04-20