exploitDog

GHSA-jjwg-7f28-x45q

Опубликовано: 09 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute malicious javascript code on victim's host via crafted HTTP requests

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute malicious javascript code on victim's host via crafted HTTP requests

Ссылки

EPSS

Процентиль: 42%

0.002

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-42752

CVSS3: 5.4

nvd

около 4 лет назад

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute malicious javascript code on victim's host via crafted HTTP requests

EPSS

Процентиль: 42%

0.002

Низкий

CVE ID

Дефекты

CWE-79