Press ESC to close

SSLVPN WEB UI Text injection

An improper neutralization of special elements in output used by a downstream component (‘Injection’) vulnerability [CWE-74] in FortiOS and FortiProxy SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests. Revised on 2024-12-04 08:24:41

Source: FortiGuard Labs

Published on: November 12, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *