Stored Cross-Site Scripting Vulnerability in FortiWAN before 4.5.9

Stored Cross-Site Scripting Vulnerability in FortiWAN before 4.5.9

CVE-2021-32585 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests.

Learn more about our Web App Pen Testing.