VYPR
Medium severity5.4NVD Advisory· Published Oct 7, 2016· Updated Jun 17, 2026

CVE-2015-7363

CVE-2015-7363

Description

Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters.

Affected products

32
  • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.0:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.12:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.2:*:*:*:*:*:*:*
    • (no CPE)range: <5.0.13, <5.2.3
  • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.0:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortimanager_firmware:5.2.1:*:*:*:*:*:*:*
    • (no CPE)range: <5.0.12, <5.2.3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.