VYPR
Unrated severityNVD Advisory· Published Feb 16, 2023· Updated Oct 22, 2024

CVE-2022-38376

CVE-2022-38376

Description

Multiple improper neutralization of input during web page generation ('Cross-site Scripting') vulnerabilities [CWE-79] in Fortinet FortiNAC portal UI before 9.4.1 allows an attacker to perform an XSS attack via crafted HTTP requests.

Affected products

2
  • Fortinet/Fortinac Fllm-fuzzy2 versions
    <9.4.1+ 1 more
    • (no CPE)range: <9.4.1
    • (no CPE)range: 9.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.