Lucene search
FortinetCVELIST:CVE-2020-15937HistoryMar 03, 2021 - 3:45 p.m.
CVE-2020-15937
2021-03-0315:45:56
fortinet
www.cve.org
6
fortigate
cross site scripting
vulnerability
remote attacker
input neutralization
cve-2020-15937
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS
0.001
Percentile
38.0%
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.
CNA Affected
[
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.4.1, 6.2.5"
}
]
}
]References
Related
nessus
nessus
Fortinet FortiGate 6.2.2 < 6.2.6 / 6.4.x < 6.4.2 XSS (FG-IR-20-068)
2020-12-04 00:00:00
prion
prion
Cross site scripting
2021-03-03 16:15:00
cve
cve
CVE-2020-15937
2021-03-03 16:15:12
nvd
nvd
CVE-2020-15937
2021-03-03 16:15:12
fortinet
fortinet
Protect
2020-12-01 00:00:00
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS
0.001
Percentile
38.0%
Related for CVELIST:CVE-2020-15937