CVE-2021-41029
published 2021-12-08CVE-2021-41029: A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to store…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to store malicious javascript code in the device and trigger it via crafted HTTP requests
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortinet_fortiwlm | — | — |
| fortinet | fortiwlm | <= 8.6.1 | — |
| fortinet | fortiwlm | — | — |