Skip to main content

FortiOS web GUI XSS vulnerability

Last Update Date: 26 Oct 2017 12:35 Release Date: 26 Oct 2017 3845 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in FortiOS, which could be exploited by remote attackers to conduct cross-site scripting attacks and bypass security restriction on the target system.


Impact

  • Cross-Site Scripting
  • Security Restriction Bypass

System / Technologies affected

  • Branch 5.6: FortiOS 5.6.0
  • Branch 5.4: FortiOS 5.4.0 to 5.4.5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 5.6.1 or 5.4.6

Vulnerability Identifier


Source


Related Link