Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-260 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:07:06.780Z
Updated: 2023-02-16T18:07:06.780Z
Reserved: 2023-01-05T10:06:31.522Z
Link: CVE-2023-22638
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-16T19:15:13.977
Modified: 2023-11-07T04:07:11.260
Link: CVE-2023-22638
JSON object: View
Redhat Information
No data.
CWE