4 matches found
CVE-2023-29183
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated...
Fortinet Releases Security Updates for Multiple Products
Fortinet has released security updates to address vulnerabilities CVE-2023-29183 and CVE-2023-34984 affecting FortiOS, FortiProxy, and FortiWeb. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...
CVE-2023-29183
CVE-2023-29183 describes an authenticated Cross-Site Scripting (XSS) vulnerability in FortiOS/FortiProxy GUI via the guest management setting. Affects FortiOS/FortiProxy versions including FortiOS 7.2.0–7.2.4, 7.0.0–7.0.11, 6.4.0–6.4.12, 6.2.0–6.2.14; Fortinet’s PSIRT FG-IR-23-106 confirms the is...
Fortinet Fortigate xss (FG-IR-23-106)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-106 advisory. - An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiProxy...