Page 5 of 22 results (0.003 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en FortiGuard FortiWeb anterior a 5.0.3 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y realizar ataques de división de respuestas HTTP a través de vectores no especificados. • http://www.fortiguard.com/advisory/FG-IR-13-009 •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la interfaz de administración Web en FortiGuard FortiWeb 5.0.3 y anteriores permite a administradores autenticados remotos inyectar script Web o HTML arbitrario a través de vectores no especificados. • http://www.fortiguard.com/advisory/FG-IR-14-001 https://exchange.xforce.ibmcloud.com/vulnerabilities/90978 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •