At a glance:
| IR Number | FG-IR-012-007 |
| Date | Dec 03, 2012 |
| Risk | 
|
| Impact | Cross Site Scripting |
| CVE ID | CVE-2012-6347 |
| CVRF | Download |
Refine Search
PSIRT Advisory
Potential Cross Site Scripting Vulnerability in FortiDB
Summary
FortiDB does not sanitize user input properly under limited circumstances. The vulnerability could allow an attacker to inject malicious script code.
Description
FortiDB does not sanitize user input properly under limited circumstances. The vulnerability could allow an attacker to inject malicious script code.
Impact
Cross Site Scripting
Affected Products
FortiDB-2000B FortiDB-1000C FortiDB-400C
Solutions
Upgrade to FortiDB v4.4.2.
Acknowledgement
Benjamin Kunz Mejri of Vulnerability Laboratory Research Team