An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-230 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-05-11T14:30:18
Updated: 2024-08-04T03:47:13.630Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43081
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-11T15:15:08.603
Modified: 2022-05-19T02:25:38.847
Link: CVE-2021-43081
Redhat
No data.