FortiCloud Cross Site Script Persistent Web Vulnerabilities

Summary

Forticloud online service before May 3, 2016 was exposed to cross site scripting web vulnerabilities, which could allow malicious script being injected in the affected module; this potentially enables XSS attacks.

description-logo Description

Forticloud online service before May 3, 2016 was exposed to cross site scripting web vulnerabilities, which could allow malicious script being injected in the affected module; this potentially enables XSS attacks.

Impact Detail

NOT RENDERED BY THE CMS 

Affected Products

FortiCloud online service before May 3, 2016

Solutions

Issue fixed on May 3, 2016

Acknowledgement

Fortinet is pleased to thank Vulnerability Lab for reporting a FortiManager/FortiAnalyzer vulnerability under responsible disclosure.