Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname.
CVSS v2.0 Score
4.3
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Information
- Published
- 11 août 2015
- Updated
- 12 avr. 2025
- Status
- Deferred
- Source
- cve@mitre.org
Affected products
fortinet fortiosAll Fortinet FortiOS CVEs →
Versions : 5.2.3
Weaknesses (CWE)
CWE-79
References (8)
- http://www.fortiguard.com/advisory/FG-IR-15-018/Vendor Advisory
- http://www.fortiguard.com/advisory/FG-IR-15-018/Vendor Advisory
Similar CVEs
Other vulnerabilities of type CWE-79
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.