Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Fortinet FortiNAC 跨站脚本漏洞
Vulnerability Description
Fortinet FortiNAC是美国飞塔(Fortinet)公司的一套网络访问控制解决方案。该产品主要用于网络访问控制和物联网安全防护。 Fortinet FortiNAC 存在安全漏洞,该漏洞源于输入中和不当,经过身份验证的攻击者利用该漏洞可以通过精心设计的HTTP GET请求执行多次XSS攻击。
CVSS Information
N/A
Vulnerability Type
N/A