VYPR
Unrated severityNVD Advisory· Published Mar 17, 2025· Updated Mar 17, 2025

CVE-2019-15706

CVE-2019-15706

Description

An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Fortinet/Fortiosv52 versions
    cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*range: 6.2.0
    • (no CPE)range: <=6.2.1, <=6.0.8, <=5.6.12
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    <=2.0.0, <=1.2.9+ 1 more
    • (no CPE)range: <=2.0.0, <=1.2.9
    • (no CPE)range: 2.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.