CVE-2013-7182Cross-site Scripting in Fortinet Fortios

CWE-79Cross-site Scripting4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.8%
top 25.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortios
Timeline
PublishedFeb 4
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDfortinet/fortios5.0.5

🔴Vulnerability Details

2
GHSA
GHSA-gh6h-gc88-6c3c: Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 52022-05-17
CVEList
CVE-2013-7182: Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 52014-02-04

💥Exploits & PoCs

1
Exploit-DB
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)2018-11-14
CVE-2013-7182 — Cross-site Scripting in Fortinet | cvebase