ГлавнаяУязвимости → CVE-2023-37933
8.8высокая

CVE-2023-37933

Описание

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPs requests.

Затрагиваемое ПО
Fortinet Fortiadc
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://fortiguard.com/psirt/FG-IR-23-216