An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-230 |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-05-11T14:30:18
Updated: 2024-10-22T20:57:08.663Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43081
Vulnrichment
Updated: 2024-08-04T03:47:13.630Z
NVD
Status : Modified
Published: 2022-05-11T15:15:08.603
Modified: 2024-11-21T06:28:39.330
Link: CVE-2021-43081
Redhat
No data.