A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.8, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to and including 8.6.5, 8.5.0 up to and including 8.5.4, 8.3.7 allows malicious user to execute unauthorized code or commands via specially crafted http requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortinac |
||
fortinet fortinac 8.3.7 |
||
fortinet fortinac 9.4.0 |