An improper neutralization of input during web page generation [CWE-79] in FortiAnalyzer may allow an attacker to perform a stored Cross Site Scripting (XSS) attack via specifically crafted requests to the web GUI.
CPE | Name | Operator | Version |
---|---|---|---|
fortianalyzer | eq | 6.4.4 | |
fortianalyzer | eq | 6.0.6 | |
fortianalyzer | eq | 6.0.5 | |
fortianalyzer | eq | 6.0.4 | |
fortianalyzer | eq | 6.0.3 | |
fortianalyzer | eq | 6.0.2 | |
fortianalyzer | eq | 6.0.1 | |
fortianalyzer | eq | 6.0.0 |