FortiWeb Cross-Site Scripting Vulnerabilities

2014-07-10T00:00:00
ID FG-IR-14-012
Type fortinet
Reporter FortiGuard Labs
Modified 2014-07-10T00:00:00

Description

FortiWeb 5.0, 5.1 and 5.2.0 are vulnerable to multiple reflective cross-site scripting issues. Several parameters in the web management interface URLs /user/ldap_user/check_dlg and /user/radius_user/check_dlg lack sufficient input filtering.