3 matches found
CVE-2021-36175
An improper neutralization of input vulnerability CWE-79 in FortiWebManager versions 6.2.3 and below, 6.0.2 and below may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device...
CVE-2021-36175
An improper neutralization of input vulnerability CWE-79 in FortiWebManager versions 6.2.3 and below, 6.0.2 and below may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device...
CVE-2021-36175
FortiWebManager (Fortinet) is affected by CVE-2021-36175. The issue is an input handling flaw (CWE-79) that could allow an authenticated remote attacker to inject malicious script/tags through the name, description, or comments fields in several sections of FortiWebManager. Affected versions are ...