Cross site scripting

2021-11-0218:15:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

A improper neutralization of input during web page generation (‘cross-site scripting’) in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI.

CPENameOperatorVersion
fortianalyzerge6.0.0
fortianalyzerle6.0.6
fortianalyzereq6.4.4

Name	Operator	Version
fortianalyzer	ge	6.0.0
fortianalyzer	le	6.0.6
fortianalyzer	eq	6.4.4

References

fortiguard.com/advisory/FG-IR-20-092