VYPR
Unrated severityNVD Advisory· Published May 3, 2023· Updated Oct 23, 2024

CVE-2023-22637

CVE-2023-22637

Description

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management would permit an authenticated attacker to trigger remote code execution via crafted licenses.

Affected products

2
  • Fortinet/Fortinac Fllm-fuzzy2 versions
    =7.2.0+ 1 more
    • (no CPE)range: =7.2.0
    • (no CPE)range: 9.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.