github - ghsa-ph8h-6p6x-772p

ghsa-ph8h-6p6x-772p

Vulnerability from github

Published

2022-05-17 03:11

Modified

2022-05-17 03:11

Details

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-8616"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-05-12T19:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.",
  "id": "GHSA-ph8h-6p6x-772p",
  "modified": "2022-05-17T03:11:04Z",
  "published": "2022-05-17T03:11:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8616"
    },
    {
      "type": "WEB",
      "url": "http://www.fortiguard.com/advisory/FG-IR-15-005"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032261"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032262"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032264"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032265"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2014-8616

Vulnerability from cvelistv5

Published

2015-05-12 19:00

Modified

2024-08-06 13:26

Severity

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.

References

URL	Tags
http://www.securitytracker.com/id/1032261	vdb-entry, x_refsource_SECTRACK
http://www.fortiguard.com/advisory/FG-IR-15-005/	x_refsource_CONFIRM
http://www.securitytracker.com/id/1032265	vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1032264	vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1032262	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:26:01.097Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032261",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032261"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
          },
          {
            "name": "1032265",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032265"
          },
          {
            "name": "1032264",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032264"
          },
          {
            "name": "1032262",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032262"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1032261",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032261"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
        },
        {
          "name": "1032265",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032265"
        },
        {
          "name": "1032264",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032264"
        },
        {
          "name": "1032262",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032262"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8616",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032261",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032261"
            },
            {
              "name": "http://www.fortiguard.com/advisory/FG-IR-15-005/",
              "refsource": "CONFIRM",
              "url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
            },
            {
              "name": "1032265",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032265"
            },
            {
              "name": "1032264",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032264"
            },
            {
              "name": "1032262",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032262"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8616",
    "datePublished": "2015-05-12T19:00:00",
    "dateReserved": "2014-11-04T00:00:00",
    "dateUpdated": "2024-08-06T13:26:01.097Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.