The vulnerability of the graphical interface of FortiWeb web applications allows attackers to bypass security restrictions and execute arbitrary code.

The vulnerability of the graphical interface of FortiWeb web applications is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass security restrictions and execute arbitrary code by sending specially crafted HTTP requests remotely...

CVE-2021-22122

An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to perform a reflected cross site scripting attack XSS by injecting malicious payload in different vulnerable API...

Fortinet Fortiweb 5.0.3 contains a reflected cross-site scripting vulnerability

Overview Fortinet Fortiweb 5.0.3, and possibly earlier versions, contains a cross-site scripting vulnerability. CWE-79 Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Fortinet Fortiweb 5.0.3, and possibly earlier versions, contains a cross-si...