Lucene search
China National Vulnerability DatabaseCNVD-2021-101133HistoryDec 14, 2021 - 12:00 a.m.
Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-101133)
2021-12-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
fortinet fortiweb
cross-site scripting
vulnerability
web application layer firewall
sql injection
cookie poisoning
sensitive database content
exploited
saml login handler
EPSS
0.002
Percentile
61.1%
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. versions 6.4.1 and earlier and 6.3.15 and earlier contain a cross-site scripting vulnerability that could be exploited by an attacker to execute unauthorized code or commands via a crafted HTTP request to a SAML login handler.
Related
fortinet
fortinet
FortiWeb - Reflected cross-site scripting in SAML login
2021-12-07 00:00:00
cve
cve
CVE-2021-41015
2021-12-08 13:15:07
cvelist
cvelist
CVE-2021-41015
2021-12-08 12:39:00
prion
prion
Cross site scripting
2021-12-08 13:15:00
nvd
nvd
CVE-2021-41015
2021-12-08 13:15:07