Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-260 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:07:06.780Z
Updated: 2024-08-02T10:13:49.511Z
Reserved: 2023-01-05T10:06:31.522Z
Link: CVE-2023-22638
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-16T19:15:13.977
Modified: 2023-11-07T04:07:11.260
Link: CVE-2023-22638
Redhat
No data.