VYPR
Medium severity5.4NVD Advisory· Published Nov 22, 2017· Updated Jun 17, 2026

CVE-2017-7736

CVE-2017-7736

Description

A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.

Affected products

3
  • Fortinet/Fortiweb2 versions
    cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*range: <=5.7.1
    • cpe:2.3:a:fortinet:fortiweb:5.8.0:*:*:*:*:*:*:*
  • Fortinet, Inc./Fortinet FortiWebv5
    Range: FortiWeb 5.8.0, 5.7.1 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.