Lucene search
China National Vulnerability DatabaseCNVD-2021-99662HistoryDec 13, 2021 - 12:00 a.m.
Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)
2021-12-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
fortinet fortiweb
web application layer firewall
cross-site scripting
sql injection
cookie poisoning
schema poisoning
attack protection
web application security
database protection
invalid inputs
unauthenticated user
malicious javascript injection
device error handler
vulnerability
EPSS
0.001
Percentile
34.5%
Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists, which stems from the invalidation of multiple incorrect inputs during web page generation that could allow an unauthenticated user to inject malicious javascript code into a response web page via a crafted request to a device error handler. No detailed vulnerability details are currently available.
Related
fortinet
fortinet
FortiWeb - Reflected cross-site scripting in error controllers
2021-12-07 00:00:00
cvelist
cvelist
CVE-2021-36188
2021-12-08 13:24:55
cve
cve
CVE-2021-36188
2021-12-08 17:15:10
prion
prion
Cross site scripting
2021-12-08 17:15:00
nvd
nvd
CVE-2021-36188
2021-12-08 17:15:10