Arbitrary Web Script Injection Vulnerability in Fortinet FortiManager and FortiAnalyzer
CVE-2015-7363 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters.
Learn more about our Cis Benchmark Audit For Fortinet.