First published: Tue Nov 02 2021(Updated: )
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiAnalyzer | >=6.0.0<=6.0.6 | |
Fortinet FortiAnalyzer | =6.4.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.