5 matches found
CVE-2023-26206
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs...
CVE-2023-26206
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs...
Cross site scripting
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs...
CVE-2023-26206
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs...
PT-2024-1744 · Fortinet · Fortinac
Name of the Vulnerable Software and Affected Versions: Fortinet FortiNAC versions 7.2.0 Fortinet FortiNAC versions 9.1.0 through 9.1.10 Fortinet FortiNAC versions 9.2.0 through 9.2.8 Fortinet FortiNAC versions 9.4.0 through 9.4.2 Description: The issue is related to an improper neutralization of...