Medium severity6.1NVD Advisory· Published Jul 16, 2018· Updated Jun 17, 2026
CVE-2017-17541
CVE-2017-17541
Description
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.
Affected products
36.0.0, 5.6.4 and below+ 1 more
- (no CPE)range: 6.0.0, 5.6.4 and below
- (no CPE)range: FortiManager 6.0.0, 5.6.4 and below versions; FortiAnalyzer 6.0.0, 5.6.4 and below versions
- Range: 6.0.0, 5.6.4 and below
Patches
Vulnerability mechanics
References
3- www.securitytracker.com/id/1041246nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041247nvdThird Party AdvisoryVDB Entry
- fortiguard.com/advisory/FG-IR-17-305nvdVendor Advisory
News mentions
0No linked articles in our index yet.