FortiWeb multiple vulnerabilities Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-15-010 Final 1 1 2015-04-16T00:00:00 Current version 2015-04-16T00:00:00 2015-04-16T00:00:00 Older versions of FortiWeb are subject to three vulnerabilities: 1. OS command injection: A WebUI administrator user may run system commands when executing a report 2. Reflected XSS: A WebUI administrator user may perform a reflected XSS attack via an improperly sanitized parameter in the FortiWeb auto update service page 3. Password field with autocomplete enabled: The WebUI FTP backup page contains a password field with HTML form autocomplete enabled XSS, OS command injection, autocomplete in html form The Reflected XSS impacts FortiWeb versions between 5.0.0 and 5.3.4 included.The OS command injection and the password field with autocomplete enabled impact all supported FortiWeb versions lower than 5.3.5. Upgrade to FortiWeb 5.3.5 or higher.Workaround:Associate administrators to a limited access profile with none or read-only privileges for the following pages:- Maintenance- System Configuration- Log & report https://fortiguard.fortinet.com/psirt/FG-IR-15-010 FortiWeb multiple vulnerabilities Reference>