CVE-2013-7181

Fortinet FortiOS 5.0.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

References (7)

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0015.html

[US Government Resource] http://www.kb.cert.org/vuls/id/593118

[Vendor Advisory] http://www.fortiguard.com/advisory/FG-IR-14-002/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/65303

[Third Party Advisory, VDB Entry] http://osvdb.org/102820

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029731

[Third Party Advisory] http://secunia.com/advisories/56732

Scores

EPSS 0.0081

EPSS Percentile 74.1%

Details

CWE

CWE-79

Status published

Products (2)

fortinet/fortiweb

n/a/n/a

Published Feb 04, 2014

Tracked Since Feb 18, 2026