A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
Max CVSS
5.4
EPSS Score
0.05%
Published
2017-11-22
Updated
2017-12-07
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-05-27
Updated
2017-06-02
2 vulnerabilities found