Cross-Site Scripting Vulnerabilities in Fortinet FortiManager
CVE-2015-8037

Currently unrated

Key Information:

Vendor: Fortinet
Status: Fortimanager Firmware
Vendor: CVE Published:; 2 November 2015

Summary

Multiple cross-site scripting (XSS) vulnerabilities exist in the Graphical User Interface (GUI) of Fortinet FortiManager prior to version 5.2.4. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML. Attackers can exploit these flaws through specific components, including the SOMVpnSSLPortalDialog and the FGDMngUpdHistory, potentially compromising user interactions and data security.

References

http://www.fortiguard.com/advisory/multiple-xss-vulnerabi...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 2, 2015