PT-2020-7838 · Fortinet · Fortimanager+1

Published

2020-02-04

Updated

2020-02-05

CVE-2015-3612

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: FortiManager versions 5.2.1 and earlier FortiManager versions 5.0.10 and earlier

Description: A Cross-site Scripting (XSS) issue exists via an unspecified parameter in the FortiWeb auto update service page.

Recommendations: For FortiManager versions 5.2.1 and earlier, update to a version later than 5.2.1. For FortiManager versions 5.0.10 and earlier, update to a version later than 5.0.10.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2015-3612

Affected Products

Fortimanager

Fortiweb

PT-2020-7838 · Fortinet · Fortimanager+1

CVE-2015-3612

Weakness Enumeration

Related Identifiers

Affected Products

References · 4