Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
不恰当实现的标准安全检查
Vulnerability Title
Fortinet FortiOS和FortiProxy 安全特征问题漏洞
Vulnerability Description
Fortinet FortiOS和Fortinet FortiProxy都是美国飞塔(Fortinet)公司的产品。Fortinet FortiOS是一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。Fortinet FortiProxy是一种安全的网络代理,通过结合多种检测技术,如Web过滤、DNS过滤、DLP、反病毒、入侵防御和高级威胁保护,可以保护员工免受网络攻击。FortiProxy有助于减
CVSS Information
N/A
Vulnerability Type
N/A