VYPR
Medium severity6.1NVD Advisory· Published Jul 16, 2018· Updated Jun 17, 2026

CVE-2017-17541

CVE-2017-17541

Description

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.

Affected products

3
  • Fortinet/Fortianalyzerllm-fuzzy2 versions
    6.0.0, 5.6.4 and below+ 1 more
    • (no CPE)range: 6.0.0, 5.6.4 and below
    • (no CPE)range: FortiManager 6.0.0, 5.6.4 and below versions; FortiAnalyzer 6.0.0, 5.6.4 and below versions
  • Range: 6.0.0, 5.6.4 and below

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.