Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2022-43952

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.

  • Published: Apr 11, 2023
  • Updated: Apr 19, 2023
  • CVE: CVE-2022-43952
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.4
  • AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
fortinet / fortiadc 7.1.0 7.1.2
fortinet / fortiadc 7.0.0 7.0.4
fortinet / fortiadc 6.2.0 6.2.6