A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-311 |
![]() ![]() ![]() |
History
No history.
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: fortinet
Published: 2023-10-13T14:51:08.259Z
Updated: 2024-09-16T20:37:53.080Z
Reserved: 2023-08-30T13:42:39.547Z
Link: CVE-2023-41681
![cve-icon](/static/img/cisa-icon.png)
Updated: 2024-08-02T19:01:35.376Z
![cve-icon](/static/img/nvd-icon.png)
Status : Modified
Published: 2023-10-13T15:15:44.060
Modified: 2024-11-21T08:21:28.727
Link: CVE-2023-41681
![cve-icon](/static/img/redhat-icon.png)
No data.