vulnerability

Fortinet FortiAnalyzer/FortiManager: CVE-2015-7363: FortiAnalyzer and FortiManager stored XSS vulnerability in report filters

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Oct 7, 2016	May 15, 2017	Oct 30, 2017

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Oct 7, 2016

Added

May 15, 2017

Modified

Oct 30, 2017

Description

Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters.

Solutions

fortianalyzer-cve-2015-7363-1fortianalyzer-cve-2015-7363-2fortimanager-cve-2015-7363-1fortimanager-cve-2015-7363-2

References

BID-93413
CVE-2015-7363
https://attackerkb.com/topics/CVE-2015-7363
URL-http://fortiguard.com/psirt/fortianalyzer-and-fortimanager-stored-xss-vulnerability-in-report-filters
URL-http://www.securityfocus.com/bid/93413

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today