Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-260 |
History
Wed, 23 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:07:06.780Z
Updated: 2024-10-23T14:32:18.357Z
Reserved: 2023-01-05T10:06:31.522Z
Link: CVE-2023-22638
Vulnrichment
Updated: 2024-08-02T10:13:49.511Z
NVD
Status : Modified
Published: 2023-02-16T19:15:13.977
Modified: 2024-11-21T07:45:06.270
Link: CVE-2023-22638
Redhat
No data.