CVE-2014-0331

Fortinet FortiADC D-series (3.2.0, possibly earlier) contains a cross-site scripting (XSS) vulnerability in the web interface. The issue stems from the locale parameter in /FortiADC/gui_partA/ failing to neutralize input, allowing a remote attacker to inject script/HTML in the victim’s browser co...