EUVD-2022-44543

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in FortiPortal allows stored cross site scripting via crafted columnindex parameter

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2022-41336	3 Jan 202320:17	–	circl
CNNVD	Fortinet FortiPortal 跨站脚本漏洞	3 Jan 202300:00	–	cnnvd
CNVD	Fortinet FortiPortal Cross-Site Scripting Vulnerability	5 Jan 202300:00	–	cnvd
CVE	CVE-2022-41336	3 Jan 202316:58	–	cve
Cvelist	CVE-2022-41336	3 Jan 202316:58	–	cvelist
Fortinet	FortiPortal - XSS observed on policy column settings	3 Jan 202300:00	–	fortinet
NCSC	Vulnerabilities fixed in Fortinet products	4 Jan 202300:00	–	ncsc
NVD	CVE-2022-41336	3 Jan 202317:15	–	nvd
OSV	CVE-2022-41336	3 Jan 202317:15	–	osv
Prion	Cross site scripting	3 Jan 202317:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "25b83bd9-a1cd-3bea-a965-01d5186cd1b8",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0a00cc0c-0497-3b30-a747-e3d0e0f16a1d",
        "product": {
          "name": "FortiPortal"
        },
        "product_version": "5.3.0 ≤5.3.8"
      },
      {
        "id": "23b8dc2f-1580-37c4-9a19-4bb2d7cb7b1d",
        "product": {
          "name": "FortiPortal"
        },
        "product_version": "5.2.0 ≤5.2.6"
      },
      {
        "id": "34a58471-3dc4-3eee-a17d-fa41893e83ac",
        "product": {
          "name": "FortiPortal"
        },
        "product_version": "6.0.0 ≤6.0.11"
      },
      {
        "id": "495dd48e-8a2d-38f0-8556-755780c4fc66",
        "product": {
          "name": "FortiPortal"
        },
        "product_version": "5.0.0 ≤5.0.3"
      },
      {
        "id": "b5913d9a-0c39-32d2-959d-f36be453e7a5",
        "product": {
          "name": "FortiPortal"
        },
        "product_version": "5.1.0 ≤5.1.2"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-22-313

03 Oct 2025 20:07Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.14.8 - 6.8

EPSS0.00322

SSVC