EUVD-2019-16255

Malware in sbrugna...

CVE-2019-6697

An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site...

CVE-2019-6697

An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site...

The vulnerability of the DHCP Monitor web interface of the FortiOS operating system allows a hacker to inject arbitrary JavaScript or HTML code.

The vulnerability of the DHCP Monitor web interface of the FortiOS operating system arises due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

CVE-2015-3626

Cross-site scripting XSS vulnerability in the DHCP Monitor page in the Web User Interface WebUI in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname...

CVE-2015-3626

Summary: CVE-2015-3626 is an XSS flaw in Fortinet FortiOS FortiGate WebUI, specifically the DHCP Monitor page. Affected: FortiOS versions prior to 5.2.4. Cause: insufficient input filtering on the DHCP hostname field allows injection of arbitrary script/HTML. References from NVD/NVD-listed detail...

CVE-2015-3626

Cross-site scripting XSS vulnerability in the DHCP Monitor page in the Web User Interface WebUI in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname...