FortiManager XSS vulnerability when view config under Revision History

2018-06-2200:00:00

FortiGuard Labs

www.fortiguard.com

0.001 Low

EPSS

Percentile

33.3%

JSON

A potential Cross-site Scripting (XSS) vulnerability exists in FortiManager: Displayed data is not sanitized when an administrator views the managed devices configuration, in the installation revision history of the GUI.

CPENameOperatorVersion
fortimanagereq6.0.0
fortimanagereq5.6.6
fortimanagereq5.6.5
fortimanagereq5.6.4
fortimanagereq5.6.3
fortimanagereq5.6.2
fortimanagereq5.6.1
fortimanagereq5.6.0
fortimanagereq5.4.7
fortimanagereq5.4.6

Name	Operator	Version
fortimanager	eq	6.0.0
fortimanager	eq	5.6.6
fortimanager	eq	5.6.5
fortimanager	eq	5.6.4
fortimanager	eq	5.6.3
fortimanager	eq	5.6.2
fortimanager	eq	5.6.1
fortimanager	eq	5.6.0
fortimanager	eq	5.4.7
fortimanager	eq	5.4.6

Rows per page:

1-10 of 161

0.001 Low

EPSS

Percentile

33.3%

JSON

Related for FG-IR-18-006