Security Advisory
CVE-2012-6346
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) redir or (2) mkey parameter to waf/pcre_expression/validate.