Lucene search
RootSSV:62118HistoryApr 10, 2014 - 12:00 a.m.
Fortinet FortiADC 'locale'参数跨站脚本漏洞
2014-04-1000:00:00
Root
www.seebug.org
7
0.004 Low
EPSS
Percentile
72.1%
Bugtraq ID:66642
CVE ID:CVE-2014-0331
Fortinet FortiADC是一款应用交付控制器。
通过"locale" GET参数传递给/FortiADC/gui_partA/的输入在返回用户之前缺少过滤,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。
0
Fortinet FortiADC 3.2.0
Fortinet FortiADC 3.2.1版本已经修复漏洞,建议用户下载使用:
http://www.fortiguard.com/
Related
cert
cert
Fortinet FortiADC D-series contains a cross-site scripting vulnerability
2014-04-11 00:00:00
nvd
nvd
CVE-2014-0331
2014-04-10 20:29:20
cve
cve
CVE-2014-0331
2014-04-10 20:29:20
fortinet
fortinet
FortiADC Cross-Site Scripting Vulnerability
2014-04-03 00:00:00
prion
prion
Cross site scripting
2014-04-10 20:29:00
cvelist
cvelist
CVE-2014-0331
2014-04-10 14:00:00