XSS observed on policy column settings

XSS observed on policy column settings Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-313 Final 1 1 2023-01-03T00:00:00 Current version 2023-01-03T00:00:00 2023-01-03T00:00:00 An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal management interface may allow a remote authenticated attacker to perform a stored cross site scripting (XSS) attack via sending request with specially crafted columnindex parameter. None Execute unauthorized code or commands Fortinet is pleased to thank Dmitry Bulkot from DEFEND ltd for reporting this vulnerability under responsible disclosure. FortiPortal 6.0.11 FortiPortal 6.0.10 FortiPortal 6.0.9 FortiPortal 6.0.8 FortiPortal 6.0.7 FortiPortal 6.0.6 FortiPortal 6.0.5 FortiPortal 6.0.4 FortiPortal 6.0.3 FortiPortal 6.0.2 FortiPortal 6.0.1 FortiPortal 6.0.0 FortiPortal 5.3.8 FortiPortal 5.3.7 FortiPortal 5.3.6 FortiPortal 5.3.5 FortiPortal 5.3.4 FortiPortal 5.3.3 FortiPortal 5.3.2 FortiPortal 5.3.1 FortiPortal 5.3.0 FortiPortal 5.2.6 FortiPortal 5.2.5 FortiPortal 5.2.4 FortiPortal 5.2.3 FortiPortal 5.2.2 FortiPortal 5.2.1 FortiPortal 5.2.0 FortiPortal 5.1.2 FortiPortal 5.1.1 FortiPortal 5.1.0 FortiPortal 5.0.3 FortiPortal 5.0.2 FortiPortal 5.0.1 FortiPortal 5.0.0 XSS observed on policy column settings CVE-2022-41336 FortiPortal-6.0.11 FortiPortal-6.0.10 FortiPortal-6.0.9 FortiPortal-6.0.8 FortiPortal-6.0.7 FortiPortal-6.0.6 FortiPortal-6.0.5 FortiPortal-6.0.4 FortiPortal-6.0.3 FortiPortal-6.0.2 FortiPortal-6.0.1 FortiPortal-6.0.0 FortiPortal-5.3.8 FortiPortal-5.3.7 FortiPortal-5.3.6 FortiPortal-5.3.5 FortiPortal-5.3.4 FortiPortal-5.3.3 FortiPortal-5.3.2 FortiPortal-5.3.1 FortiPortal-5.3.0 FortiPortal-5.2.6 FortiPortal-5.2.5 FortiPortal-5.2.4 FortiPortal-5.2.3 FortiPortal-5.2.2 FortiPortal-5.2.1 FortiPortal-5.2.0 FortiPortal-5.1.2 FortiPortal-5.1.1 FortiPortal-5.1.0 FortiPortal-5.0.3 FortiPortal-5.0.2 FortiPortal-5.0.1 FortiPortal-5.0.0 6.6 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-22-313 XSS observed on policy column settings Reference>