CVE-2017-7339

Summary

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiPortalFortiPortal versions 4.0.0 and belowaffected

Weaknesses

  • Execution of unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References