Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet Fortiweb 跨站脚本漏洞
Vulnerability Description
Fortinet FortiWeb是美国飞塔(Fortinet)公司的一款Web应用层防火墙,它能够阻断如跨站点脚本、SQL注入、Cookie中毒、schema中毒等攻击的威胁,保证Web应用程序的安全性并保护敏感的数据库内容。 Fortinet Fortiweb 5.8.1之前的版本和5.7.2之前的版本的版本中存在跨站脚本漏洞,该漏洞源于程序没有正确的过滤用户提交的输入。远程攻击者可利用该漏洞在受影响网站的上下文中执行任意的HTML和脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A