QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-7335

Back to search

CVE-2017-7335

Published: Oct 26, 2017

Modified: Oct 25, 2024

PUBLISHED

Description

A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests.

VendorProductVersions

n/a

n/a

affected
n/a

References

101287
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now