Cross site scripting

2017-08-1121:29:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

JSON

Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.

CPENameOperatorVersion
fortimanager_firmwareeq5.0.3
fortimanager_firmwareeq5.0.4
fortimanager_firmwareeq5.0.5
fortimanager_firmwareeq5.0.6
fortimanager_firmwareeq5.0.7
fortimanager_firmwareeq5.0.8
fortimanager_firmwareeq5.0.9
fortimanager_firmwareeq5.0.10
fortimanager_firmwareeq5.2.0
fortimanager_firmwareeq5.2.1

Name	Operator	Version
fortimanager_firmware	eq	5.0.3
fortimanager_firmware	eq	5.0.4
fortimanager_firmware	eq	5.0.5
fortimanager_firmware	eq	5.0.6
fortimanager_firmware	eq	5.0.7
fortimanager_firmware	eq	5.0.8
fortimanager_firmware	eq	5.0.9
fortimanager_firmware	eq	5.0.10
fortimanager_firmware	eq	5.2.0
fortimanager_firmware	eq	5.2.1