An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-363 |
History
Wed, 23 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-04-11T16:05:38.973Z
Updated: 2024-10-23T14:30:33.980Z
Reserved: 2022-09-23T15:07:35.782Z
Link: CVE-2022-41330
Vulnrichment
Updated: 2024-08-03T12:42:46.261Z
NVD
Status : Modified
Published: 2023-04-11T17:15:07.390
Modified: 2024-11-21T07:23:04.087
Link: CVE-2022-41330
Redhat
No data.