Back to search
CVE-2017-17541
Published: Jul 16, 2018
Modified: Oct 25, 2024
PUBLISHED
Description
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.
| Vendor | Product | Versions |
|---|---|---|
Fortinet | Fortinet FortiManager, FortiAnalyzer | affected FortiManager 6.0.0, 5.6.4 and below versions; FortiAnalyzer 6.0.0, 5.6.4 and below versions |
References
https://fortiguard.com/advisory/FG-IR-17-305
x_refsource_CONFIRM
1041246
vdb-entry
x_refsource_SECTRACK
1041247
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now