CVE-2020-12815: An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via…

medium5.4CVSS 3.1

AVNACLPRLUIRSCCLILAN

An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields.

Affected

7 ranges

Vendor	Product	Version range	Fixed in
fortinet	fortianalyzer	<= 6.2.5	—
fortinet	fortianalyzer	—	—
fortinet	fortianalyzer	6.4.0 – 6.4.1	—
fortinet	fortinet_fortitester	—	—
fortinet	fortitester	<= 3.7.0	—
fortinet	fortitester	—	—
fortinet	fortitester	—	—