Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fortinetFortiGuard LabsFG-IR-21-118
HistoryDec 07, 2021 - 12:00 a.m.

FortiWeb - Reflected cross-site scripting in error controllers

2021-12-0700:00:00
FortiGuard Labs
www.fortiguard.com
8
fortiweb
reflected cross-site scripting
error controllers
injection risk
unauthenticated user
cwe-79
device's error handlers
crafted requests
malicious javascript code
webpage generation.

EPSS

0.001

Percentile

34.5%

JSON

Multiple improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] in FortiWeb may allow an unauthenticated user to inject malicious javascript code into the response webpage via crafted requests to device’s error handlers.

Related

cnvd 1
cvelist 1
cve 1
prion 1
nvd 1
cnvd
cnvd
Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)
2021-12-13 00:00:00
cvelist
cvelist
CVE-2021-36188
2021-12-08 13:24:55
cve
cve
CVE-2021-36188
2021-12-08 17:15:10
prion
prion
Cross site scripting
2021-12-08 17:15:00
nvd
nvd
CVE-2021-36188
2021-12-08 17:15:10

EPSS

0.001

Percentile

34.5%

JSON
Related for FG-IR-21-118
cnvd1cvelist1cve1prion1nvd1