CVE-2017-3131

Summary

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiOSFortiOS versions 5.4.0 through 5.4.4 and 5.6.0affected

Weaknesses

  • Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References