Unrated severityNVD Advisory· Published Nov 2, 2021· Updated Oct 25, 2024
CVE-2020-12814
CVE-2020-12814
Description
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI.
Affected products
2<=6.0.6, 6.4.4+ 1 more
- (no CPE)range: <=6.0.6, 6.4.4
- (no CPE)range: FortiAnalyzer 6.4.4, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-20-092mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.