Medium severity4.8NVD Advisory· Published May 23, 2017· Updated May 13, 2026
CVE-2017-3128
CVE-2017-3128
Description
A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter.
Affected products
28cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*
- (no CPE)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.securityfocus.com/bid/98514nvdThird Party AdvisoryVDB Entry
- fortiguard.com/psirt/FG-IR-17-057nvdVendor Advisory
- www.securitytracker.com/id/1038541nvd
News mentions
0No linked articles in our index yet.