CVE-2022-40680
06.12.2022, 17:15
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.| Vendor | Product | Version |
|---|---|---|
| fortinet | fortios | 6.0.7 ≤ 𝑥 ≤ 6.0.15 |
| fortinet | fortios | 6.2.2 ≤ 𝑥 ≤ 6.2.12 |
| fortinet | fortios | 6.4.0 ≤ 𝑥 ≤ 6.4.9 |
| fortinet | fortios | 7.0.0 ≤ 𝑥 ≤ 7.0.3 |
𝑥
= Vulnerable software versions