VYPR
Unrated severityNVD Advisory· Published Dec 8, 2021· Updated Oct 25, 2024

CVE-2021-41029

CVE-2021-41029

Description

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to store malicious javascript code in the device and trigger it via crafted HTTP requests

Affected products

2
  • Range: <=8.6.1
  • Fortinet/Fortinetcpe-rescue
    Range: FortiWLM 8.6.1, 8.6.0, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.