3 matches found
CVE-2022-30304
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting XSS attack via the URL parameter observed in the FortiWeb attack event...
CVE-2022-30304
FortiAnalyzer contains a cross-site scripting (XSS) vulnerability (CWE-79) that can be exploited remotely by an unauthenticated attacker via a URL parameter observed in the FortiWeb attack log view. Affects FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8; successful exploitation leads to s...
CVE-2022-30304
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting XSS attack via the URL parameter observed in the FortiWeb attack event...