CVE-2021-24014
published 2021-08-04CVE-2021-24014: Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet_fortisandbox | — | — |
| fortinet | fortisandbox | <= 3.1.4 | — |
| fortinet | fortisandbox | — | — |
| fortinet | fortisandbox | >= 3.2.0 < 3.2.3 | 3.2.3 |