8 matches found
CVE-2022-43955
An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross si...
Fortinet FortiWeb xss (FG-IR-22-428)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-428 advisory. - An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3...
Vulnerabilities fixed in Fortinet FortiWeb and FortiADC
Fortinet has fixed vulnerabilities in FortiWeb and FortiADC. A malicious party can exploit the vulnerability with reference CVE-2022-43955 exploit to perform a cross-site scripting attack XSS on the web interface of the vulnerable systems. Such an attack can lead to execution of code within the...
CVE-2022-43955
creationtimestamp| type| source ---|---|--- 2023-04-11 20:23:34+00:00| seen| https://t.me/cibsecurity/61893...
CVE-2022-43955
An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross si...
CVE-2022-43955
An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross si...
CVE-2022-43955
CVE-2022-43955 affects Fortinet FortiWeb web interface; reported as an improper neutralization of input during web page generation (CWE-79) that can enable unauthenticated, remote attackers to perform a reflected cross-site scripting (XSS) via malicious payloads injected into log entries used to ...
CVE-2022-43955
An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross si...