17 matches found
CVE-2017-7340
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...
CVE-2017-7340
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...
Cross site scripting
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...
CVE-2017-7340
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...
Fortinet FortiOS 5.4.x < 5.4.6 / 5.6.x < 5.6.1 XSS (CVE-2017-3131)
The version of Fortinet FortiOS running on the remote device is 5.4.x prior to 5.4.6, or 5.6.x prior to 5.6.1. It is, therefore, affected by a Cross-site Scripting XSS vulnerability that allows attackers to execute unauthorized code or commands via the filter input in Applications under FortiView...
CVE-2018-1355
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an...
CVE-2018-1355
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an...
OpenRedirect in Malicious Generated PDF Document on FortiAnalyzer and FortiManager
An open redirect vulnerability exists in FortiAnalyzer and FortiManager when a user of the GUI is converting an HTML table to a PDF document via the FortiView feature, due to lack of user input sanitization...
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView...
Cross site scripting
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView...
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView...
CVE-2017-3131
CVE-2017-3131 : Fortinet FortiOS versions 5.4.0–5.4.4 and 5.6.0 are affected by a cross‑site scripting (XSS) vulnerability in the FortiView Applications filter input, allowing an attacker to execute arbitrary JavaScript. The issue is tied to FortiOS’s FortiView FortiView filter handling and is ev...
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView...
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView...
FortiOS XSS vulnerabilities via FortiView Application filter, FortiToken activation & SSL VPN Replacement Messages
Three XSS vulnerabilities...
Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2016-03774)
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in the Web User Interface WebUI of...
CVE-2015-7360
Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...