EUVD-2021-30034

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

FortiOS and FortiProxy have a vulnerability allowing XSS attacks via crafted HTTP GET requests.

Reporter	Title	Published	Views	Family All 12
CNNVD	Fortinet FortiProxy SSL VPN跨站脚本漏洞	3 May 202200:00	–	cnnvd
CNVD	Fortinet FortiProxy SSL VPN跨站脚本漏洞	8 May 202200:00	–	cnvd
CVE	CVE-2021-43081	11 May 202214:30	–	cve
Cvelist	CVE-2021-43081	11 May 202214:30	–	cvelist
Fortinet	Protect	3 May 202200:00	–	fortinet
Tenable Nessus	Fortinet Fortigate xss (FG-IR-21-230)	27 Oct 202400:00	–	nessus
NCSC	Vulnerabilities fixed in FortiOS	4 May 202200:00	–	ncsc
NVD	CVE-2021-43081	11 May 202215:15	–	nvd
OSV	CVE-2021-43081	11 May 202215:15	–	osv
Prion	Design/Logic Flaw	11 May 202215:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "28553b87-de59-3a39-8eb3-9be6f922ad3b",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2d5b2b8b-743e-3cde-862f-b9b1da9def12",
        "product": {
          "name": "Fortinet FortiProxy"
        },
        "product_version": "FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0."
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-21-230

03 Oct 2025 20:07Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.1

CVSS 24.3

EPSS0.00677

SSVC