Lucene search
China National Vulnerability DatabaseCNVD-2021-101139HistoryOct 10, 2021 - 12:00 a.m.
Fortinet FortiWebManager Cross-Site Scripting Vulnerability
2021-10-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
fortinet
fortiwebmanager
cross-site scripting
vulnerability
web application firewall
checksum filtering
exploited
attackers
malicious script
EPSS
0.001
Percentile
29.2%
Fortinet FortiWebManager is a web application firewall from Fortinet, Inc. A cross-site scripting vulnerability exists in Fortinet FortiWebManager versions 6.2.3 and 6.0.2 and below, which stems from a lack of checksum filtering of user-supplied and output data, and can be exploited by attackers to The vulnerability injects malicious script tags through the name description comment parameter of each part of the device.
Related
cvelist
cvelist
CVE-2021-36175
2021-10-06 09:36:27
prion
prion
Input validation
2021-10-06 10:15:00
cve
cve
CVE-2021-36175
2021-10-06 10:15:07
fortinet
fortinet
FortiWebManager - Injection vulnerabilities
2021-10-05 00:00:00
nvd
nvd
CVE-2021-36175
2021-10-06 10:15:07