CVE-2014-8616

MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.

CVSS v2.0 Score

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Information

Published: 12 mai 2015
Updated: 12 avr. 2025
Status: Deferred
Source: cve@mitre.org

Affected products

fortinet fortiosAll Fortinet FortiOS CVEs →

Versions : 5.2.0, 5.2.1, 5.2.2

Weaknesses (CWE)

CWE-79

References (10)

http://www.fortiguard.com/advisory/FG-IR-15-005/
Vendor Advisory
http://www.securitytracker.com/id/1032261
http://www.securitytracker.com/id/1032262
http://www.securitytracker.com/id/1032264
http://www.securitytracker.com/id/1032265
http://www.fortiguard.com/advisory/FG-IR-15-005/
Vendor Advisory
http://www.securitytracker.com/id/1032261
http://www.securitytracker.com/id/1032262
http://www.securitytracker.com/id/1032264
http://www.securitytracker.com/id/1032265

Similar CVEs

Other vulnerabilities of type CWE-79

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring