A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-232 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-11-02T00:00:00
Updated: 2024-10-25T13:20:38.157Z
Reserved: 2022-08-16T00:00:00
Link: CVE-2022-38374
Vulnrichment
Updated: 2024-08-03T10:54:03.687Z
NVD
Status : Analyzed
Published: 2022-11-02T12:15:54.303
Modified: 2022-11-03T13:52:13.553
Link: CVE-2022-38374
Redhat
No data.