← back
CVE-2017-17541

CVE-2017-17541

EPSS 0.9%
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.
Affected products
Fortinet · Fortinet FortiManager, FortiAnalyzer

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-17-305http://www.securitytracker.com/id/1041246http://www.securitytracker.com/id/1041247