2 matches found
FortiGate SSL VPN Portal 5.x Cross Site Scripting Vulnerability
FortiGate SSL VPN Portal versions 5.6.2 and below, 5.4.6 and below, 5.2.12 and below, and 5.0 and below suffer from a cross site scripting vulnerability. ======================================================================= title: FortiGate SSL VPN Portal XSS Vulnerability product: Fortinet...
CVE-2017-14186
FortiGate FortiOS SSL VPN Web Portal is affected by CVE-2017-14186. A cross-site scripting (XSS) vulnerability exists because the login redir parameter is not sanitized, enabling a remote attacker to inject arbitrary script in a user’s browser within the FortiGate SSL VPN Web Portal context. A re...