VYPR
Unrated severityNVD Advisory· Published Sep 24, 2020· Updated Oct 25, 2024

CVE-2020-12817

CVE-2020-12817

Description

An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors.

Affected products

2
  • Fortinet/Fortianalyzerllm-fuzzy2 versions
    <6.4.1, <6.2.5+ 1 more
    • (no CPE)range: <6.4.1, <6.2.5
    • (no CPE)range: FortiAnalyzer before 6.4.1; before 6.2.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.