Fortinet Fortiweb vulnerabilities

CVE-2014-1957 [MEDIUM] CWE-264 CVE-2014-1957: FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecifie FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.

CVE-2014-1955 [MEDIUM] CWE-79 CVE-2014-1955: Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2013-7181 [MEDIUM] CWE-79 CVE-2013-7181: Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remo Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

CVE-2014-1458 [LOW] CWE-79 CVE-2014-1458: Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors.