CVE-2022-23438

Publication date

2022-07-18 16:40:44

Family

fortinet

State

PUBLISHED

Description

An improper neutralization of input during web page generation (Cross-site Scripting) [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page.