CVE-2017-7733

A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-17-113 Vendor Advisory
http://www.securitytracker.com/id/1039677 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/101563 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*

Information

Published : 2017-10-27 06:29

Updated : 2017-10-31 13:55


NVD link : CVE-2017-7733

Mitre link : CVE-2017-7733


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

fortinet

  • fortios