CVE-2022-38374

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-22-232 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*

Information

Published : 2022-11-02 12:15

Updated : 2022-11-03 01:52


NVD link : CVE-2022-38374

Mitre link : CVE-2022-38374

Products Affected
CWE