Back to search
CVE-2017-14190
Published: Jan 29, 2018
Modified: Oct 25, 2024
PUBLISHED
Description
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
| Vendor | Product | Versions |
|---|---|---|
Fortinet, Inc. | FortiOS | affected 5.6.0 to 5.6.2affected 5.4.0 to 5.4.7affected 5.2 and all earlier versions. |
References
1040284
vdb-entry
x_refsource_SECTRACK
102779
vdb-entry
x_refsource_BID
https://fortiguard.com/advisory/FG-IR-17-262
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now