IR Number	FG-IR-14-004
Date	Apr 3, 2014
Risk
Impact	Cross Site Scripting
CVE ID	CVE-2014-0331
CVRF	Download

Refine Search

PSIRT Advisories

FortiADC Cross-Site Scripting Vulnerability

Description

The web administration interface on FortiADC D-series versions 3.2.0 and lower have a reflective cross-site scripting vulnerability in the locale parameter.

Impact Detail

Under certain conditions, an attacker may be able to execute arbitrary JavaScript content in the context of the end-user's browser session.

Affected Products

FortiADC D-series 3.2.0 and lower. This does not affect FortiADC E-series products.

Solutions

Upgrade to FortiADC D-series version 3.2.1 or higher.

Acknowledgement

William Costa

News / Research

Services

Threat Lookup

PSIRT

Resources