Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Score CVSS v2.0
4.3
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Informations
- Publié
- 12 mai 2015
- Mis à jour
- 12 avr. 2025
- Statut
- Deferred
- Source
- cve@mitre.org
Produits affectés
fortinet fortiosToutes les CVE Fortinet FortiOS →
Versions : 5.2.0, 5.2.1, 5.2.2
Faiblesses (CWE)
CWE-79
Références (12)
- http://www.fortiguard.com/advisory/FG-IR-15-005/Vendor Advisory
- http://www.securityfocus.com/bid/74652Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032261Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032262Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032264Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032265Third Party AdvisoryVDB Entry
- http://www.fortiguard.com/advisory/FG-IR-15-005/Vendor Advisory
- http://www.securityfocus.com/bid/74652Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032261Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032262Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032264Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032265Third Party AdvisoryVDB Entry
CVEs similaires
Autres vulnérabilités de type CWE-79
Loading…
Surveillez vos produits
Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.