CVE-2022-43952

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-22-439 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*

History

18 Apr 2023, 19:03

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-11 17:15

Updated : 2024-02-04 23:37


NVD link : CVE-2022-43952

Mitre link : CVE-2022-43952

CVE.ORG link : CVE-2022-43952


JSON object : View

Products Affected

fortinet

  • fortiadc
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')