VYPR
Unrated severityNVD Advisory· Published Feb 16, 2023· Updated Oct 23, 2024

CVE-2023-22638

CVE-2023-22638

Description

Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.

Affected products

2
  • Fortinet/Fortinac Fllm-fuzzy2 versions
    <=9.4.1, <=9.2.6, <=9.1.8, <=8.8.11, <=8.7.6, <=8.6.5, <=8.5.4, <=8.3.7+ 1 more
    • (no CPE)range: <=9.4.1, <=9.2.6, <=9.1.8, <=8.8.11, <=8.7.6, <=8.6.5, <=8.5.4, <=8.3.7
    • (no CPE)range: 9.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.