CVE-2026-0972

HTML injection is possible in system generated emails in Fortra’s GoAnywhere MFT prior to 7.10.0.

Note: The title, details, and description of this CVE were corrected post-publishing.

More information : https://www.fortra.com/security/advisories/product-security/fi-2026-006