Home

Description

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality.

PUBLISHED Reserved 2017-03-30 | Published 2017-05-26 | Updated 2024-10-25 | Assigner fortinet

Problem types

Execution of unauthorized code or commands

Product status

FortiPortal versions 4.0.0 and below
affected

References

fortiguard.com/psirt/FG-IR-17-114

fortiguard.com/psirt/FG-IR-17-114

cve.org (CVE-2017-7339)

nvd.nist.gov (CVE-2017-7339)

Download JSON