Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS v2.0 Score
4.3
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Information
- Published
- 12 mai 2015
- Updated
- 12 avr. 2025
- Status
- Deferred
- Source
- cve@mitre.org
Affected products
fortinet fortiosAll Fortinet FortiOS CVEs →
Versions : 5.2.0, 5.2.1, 5.2.2
Weaknesses (CWE)
CWE-79
References (12)
- http://www.fortiguard.com/advisory/FG-IR-15-005/Vendor Advisory
- http://www.securityfocus.com/bid/74652Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032261Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032262Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032264Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032265Third Party AdvisoryVDB Entry
- http://www.fortiguard.com/advisory/FG-IR-15-005/Vendor Advisory
- http://www.securityfocus.com/bid/74652Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032261Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032262Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032264Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032265Third Party AdvisoryVDB Entry
Similar CVEs
Other vulnerabilities of type CWE-79
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.