CVE-2015-1459

Currently unrated

Key Information:

Vendor
Fortinet
Status
Fortiauthenticator
Vendor
CVE Published:
3 February 2015

Summary

Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100561
vdb-entryx_refsource_XF
http://secunia.com/advisories/62836
third-party-advisoryx_refsource_SECUNIA
http://packetstormsecurity.com/files/130156/Fortinet-Fort...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.