The vulnerability of the FortiOS operating system arises from the lack of measures taken to protect the structure of web pages, allowing attackers to carry out cross-site scripting attacks.

🗓️ 14 Nov 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

FortiOS cross-site scripting flaw due to weak web page protection, via Groups in user groups.

Reporter	Title	Published	Views	Family All 10
CNVD	Fortinet FortiOS Cross-Site Scripting Vulnerability (CNVD-2017-11806)	21 Jun 201700:00	–	cnvd
CVE	CVE-2017-7735	12 Sep 201702:00	–	cve
Cvelist	CVE-2017-7735	12 Sep 201702:00	–	cvelist
EUVD	EUVD-2017-16710	7 Oct 202500:30	–	euvd
Fortinet	FortiOS XSS vulnerabilities via User Groups & Config Revision Comments	15 Jun 201700:00	–	fortinet
Tenable Nessus	Fortinet FortiOS 5.2.x / 5.3.x / 5.4.x < 5.4.5 Multiple XSS (FG-IR-17-127)	23 Jun 201700:00	–	nessus
NVD	CVE-2017-7735	12 Sep 201702:29	–	nvd
OSV	CVE-2017-7735	12 Sep 201702:29	–	osv
Prion	Cross site scripting	12 Sep 201702:29	–	prion
Vulnrichment	CVE-2017-7735	12 Sep 201702:00	–	vulnrichment

Vulners

Node

fortinet fortiosRange5.4.0–5.4.5

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-17-127
securityfocus	www.securityfocus.com/bid/99098
securitytracker	www.securitytracker.com/id/1038705
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

5.7Medium risk

Vulners AI Score5.7

CVSS 23.5

CVSS 35.4

EPSS0.00305

FortiOS Cross site scripting Web page protection Groups field User groups Vulnerability