Lucene search

K
fortinetFortiGuard LabsFG-IR-21-114
HistoryDec 07, 2021 - 12:00 a.m.

FortiWLM - stored cross-site scripting in hotspot profile controller

2021-12-0700:00:00
FortiGuard Labs
www.fortiguard.com
5

0.001 Low

EPSS

Percentile

29.5%

An improper neutralization of input during web page generation vulnerability (‘Cross-site Scripting’) [CWE-79] in FortiWLM may allow an authenticated attacker to perform a stored cross site scripting attack (XSS) via storing malicious payloads and trigger the attack on victim’s client via various endpoints.

0.001 Low

EPSS

Percentile

29.5%

Related for FG-IR-21-114