A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-17-113 | Vendor Advisory |
http://www.securitytracker.com/id/1039677 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/101563 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-10-27 06:29
Updated : 2017-10-31 13:55
NVD link : CVE-2017-7733
Mitre link : CVE-2017-7733
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
fortinet
- fortios