Published: 12/09/2017 Updated: 14/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fortinet fortios

# Title: FortiOS <= 560 Multiple XSS Vulnerabilities # Vendor: Fortinet (wwwfortinetcom) # CVE: CVE-2017-3131, CVE-2017-3132, CVE-2017-3133 # Date: 28072016 # Author: Patryk Bogdan (@patryk_bogdan) Affected FortiNet products: * CVE-2017-3131 : FortiOS versions 540 to 560 * CVE-2017-3132 : FortiOS versions upto 560 * CVE-2017-3133 : ...

FortiOS versions 560 and below suffer from multiple cross site scripting vulnerabilities ...

CWE-79 https://fortiguard.com/advisory/FG-IR-17-104 https://www.exploit-db.com/exploits/42388/http://www.securitytracker.com/id/1039020 http://www.securityfocus.com/bid/100009 https://nvd.nist.gov https://www.exploit-db.com/exploits/42388/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-3132

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect