exploitDog

GHSA-g982-q57c-wm6f

Опубликовано: 11 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.

Ссылки

EPSS

Процентиль: 60%

0.00399

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-43952

CVSS3: 3.5

nvd

почти 3 года назад

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.

BDU:2023-02225

CVSS3: 3.5

fstec

почти 3 года назад

Уязвимость средства управления доступом к сети Fortinet FortiNAC, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

EPSS

Процентиль: 60%

0.00399

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79