A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
References
History

Tue, 22 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'No', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-10-13T14:51:17.295Z

Updated: 2024-10-22T20:54:54.226Z

Reserved: 2023-09-04T08:12:52.815Z

Link: CVE-2023-41843

cve-icon Vulnrichment

Updated: 2024-08-02T19:09:49.146Z

cve-icon NVD

Status : Modified

Published: 2023-10-13T15:15:44.243

Modified: 2024-11-21T08:21:47.077

Link: CVE-2023-41843

cve-icon Redhat

No data.