logo
DATABASE RESOURCES PRICING ABOUT US

FortiPortal - Reflected cross-site scripting due to wrong sanitization context

Description

Multiple improper neutralization of input during web page generation vulnerabilities [CWE-79] in both the customer and provider interfaces of FortiPortal may allow an attacker to perform reflected Cross-site scripting attacks via specially crafted HTTP request parameters.


Affected Software


CPE Name Name Version
fortiportal 6.0.5
fortiportal 6.0.4
fortiportal 6.0.3
fortiportal 6.0.2
fortiportal 6.0.1
fortiportal 6.0.0
fortiportal 5.3.6
fortiportal 5.3.5
fortiportal 5.3.4
fortiportal 5.3.3
fortiportal 5.3.2
fortiportal 5.3.1
fortiportal 5.3.0
fortiportal 5.2.6
fortiportal 5.2.5
fortiportal 5.2.4
fortiportal 5.2.3
fortiportal 5.2.2
fortiportal 5.2.1
fortiportal 5.2.0
fortiportal 5.1.2
fortiportal 5.1.1
fortiportal 5.1.0
fortiportal 5.0.3
fortiportal 5.0.2
fortiportal 5.0.1
fortiportal 5.0.0
fortiportal 4.2.2
fortiportal 4.2.1
fortiportal 4.1.2
fortiportal 4.1.1
fortiportal 4.1.0
fortiportal 4.0.4
fortiportal 4.0.3
fortiportal 4.0.2
fortiportal 4.0.1
fortiportal 4.0.0

Related