Test Kennung:	1.3.6.1.4.1.25623.1.0.105207
Kategorie:	FortiOS Local Security Checks
Titel:	Fortinet FortiGate XSS Vulnerability (FG-IR-14-003)
Zusammenfassung:	FortiOS as used in FortiGate is prone to a cross-site; scripting (XSS) vulnerability.
Beschreibung:	Summary: FortiOS as used in FortiGate is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: The mkey parameter in the URL /firewall/schedule/recurrdlg is vulnerable to a reflected cross-site scripting attack. Vulnerability Impact: A remote unauthenticated attacker may be able to execute arbitrary script in the context of the end-user's browser session. Affected Software/OS: Fortinet FortiGate prior to version 5.0.6. Solution: Update to FortiOS 5.0.6 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7182 BugTraq ID: 65308 http://www.securityfocus.com/bid/65308 CERT/CC vulnerability note: VU#728638 http://www.kb.cert.org/vuls/id/728638 http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0016.html http://osvdb.org/102819 http://www.securitytracker.com/id/1029730 http://secunia.com/advisories/56739
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.