Security Advisory

CVE-2021-41015

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-08 12:39:00

Last updated 2024-10-25 13:40:28

Assigner fortinet

State PUBLISHED

Description

A improper neutralization of input during web page generation (cross-site scripting) in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to SAML login handler

← Browse all CVEs View on cve.org ↗