A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.
References
History

Fri, 25 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2022-11-02T00:00:00

Updated: 2024-10-25T13:20:38.157Z

Reserved: 2022-08-16T00:00:00

Link: CVE-2022-38374

cve-icon Vulnrichment

Updated: 2024-08-03T10:54:03.687Z

cve-icon NVD

Status : Analyzed

Published: 2022-11-02T12:15:54.303

Modified: 2022-11-03T13:52:13.553

Link: CVE-2022-38374

cve-icon Redhat

No data.