An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-363 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-04-11T16:05:38.973Z
Updated: 2024-08-03T12:42:46.261Z
Reserved: 2022-09-23T15:07:35.782Z
Link: CVE-2022-41330
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-04-11T17:15:07.390
Modified: 2023-11-07T03:52:47.227
Link: CVE-2022-41330
Redhat
No data.