At a glance:
| IR Number | FG-IR-14-002 |
| Date | Feb 03, 2014 |
| Risk | 
|
| Impact | Cross-site scripting |
| CVE ID | CVE-2013-7181 |
| CVRF | Download |
Refine Search
PSIRT Advisory
FortiWeb Cross-Site Scripting Vulnerability
Description
Fortiweb 5.0.3 and earlier versions contain a cross-site scripting vulnerability. The filter parameter in the URL "/user/ldap_user/add" is vulnerable to cross-site scripting attack.
Impact
Cross-site scripting
Affected Products
FortiWeb 5.0.3 and lower.
Solutions
Upgrade to FortiWeb 5.1.0 or higher.
Acknowledgement
William Costa