VYPR
Unrated severityNVD Advisory· Published Sep 13, 2023· Updated Dec 16, 2025

CVE-2023-29183

CVE-2023-29183

Description

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.

Affected products

4
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    7.2.0 through 7.2.4, 7.0.0 through 7.0.10+ 1 more
    • (no CPE)range: 7.2.0 through 7.2.4, 7.0.0 through 7.0.10
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14+ 1 more
    • (no CPE)range: 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.