Cross-Site Scripting Vulnerability in Fortinet FortiWeb Products
CVE-2021-43063 
6.1 MEDIUM
What is CVE-2021-43063?
Improper neutralization of input during web page generation in Fortinet FortiWeb results in a cross-site scripting (XSS) vulnerability. The issue affects multiple versions of FortiWeb and lets attackers potentially execute unauthorized code or commands through crafted HTTP GET requests targeting the login interface. Users of affected versions should take immediate action to mitigate risk.
Affected Version(s)
Fortinet FortiWeb 6.4.1, 6.4.0, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0