Stored XSS in Fortra File Integrity Monitoring (FIM)_CVE-2026-12163

5.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Description

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields could store script content that may be rendered as HTML instead of safely escaped text when the affected Asset View UI content is displayed.

Basic Information

ID CVE-2026-12163

Source Fortra

Published Jun 23, 2026 at 22:06

Affected Product

Vendor Fortra

Product Fortra File Integrity Monitoring (FIM)

Affected Versions Fortra Fortra File Integrity Monitoring (FIM) 0

CWE Classification

CWE-79

References

www.fortra.com /security/advisories/product-security/fi-2026-009

{
    "lastseen": "",
    "description": "Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields could store script content that may be rendered as HTML instead of safely escaped text when the affected Asset View UI content is displayed.",
    "published": "2026-06-23T22:06:04.351Z",
    "modified": "2026-06-23T22:06:04.351Z",
    "type": "cve",
    "title": "Stored XSS in Fortra File Integrity Monitoring (FIM)",
    "source": "Fortra",
    "references": "https://www.fortra.com/security/advisories/product-security/fi-2026-009",
    "id": "CVE-2026-12163",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "Fortra Fortra File Integrity Monitoring (FIM) 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fortra File Integrity Monitoring (FIM)",
    "version": "0",
    "vendor": "Fortra",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}