Lucene search
HistoryNov 02, 2015 - 7:59 p.m.
CVE-2015-8037
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
50.5%
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SOMVpnSSLPortalDialog or (2) FGDMngUpdHistory.
Affected configurations
Node
fortinetfortimanager_firmwareRange≤5.2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fortinet | fortimanager_firmware | * | cpe:2.3:o:fortinet:fortimanager_firmware:*:*:*:*:*:*:*:* |
Related
fortinet
fortinet
Multiple XSS vulnerabilities in FortiManager GUI
2015-09-24 00:00:00
prion
prion
Cross site scripting
2015-11-02 19:59:00
cvelist
cvelist
CVE-2015-8037
2015-11-02 19:00:00
cve
cve
CVE-2015-8037
2015-11-02 19:59:17
exploitdb
exploitdb
FortiManager 5.2.2 - Persistent Cross-Site Scripting
2015-09-25 00:00:00
packetstorm
packetstorm
FortiManager 5.2.2 Cross Site Scripting
2015-09-25 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
50.5%
Related for NVD:CVE-2015-8037