2 matches found
CVE-2022-41336
An improper neutralization of input during web page generation vulnerability CWE-79 in FortiPortal versions 6.0.0 through 6.0.11 and all versions of 5.3, 5.2, 5.1, 5.0 management interface may allow a remote authenticated attacker to perform a stored cross site scripting XSS attack via sending...
CVE-2022-41336
Fortinet FortiPortal is affected by CVE-2022-41336 due to an improper neutralization of input during web page generation (CWE-79). A remote authenticated attacker can trigger a stored cross-site scripting (XSS) via a specially crafted columnindex parameter in the FortiPortal management interface....