← back
CVE-2017-14190

CVE-2017-14190

EPSS 1.1%
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
Affected products
Fortinet, Inc. · FortiOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-17-262http://www.securityfocus.com/bid/102779http://www.securitytracker.com/id/1040284