CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-16154

An improper neutralization of input during web page generation in FortiAuthenticator WEB UI 6.0.0 may allow an unauthenticated user to perform a cross-site scripting attack (XSS) via a parameter of the logon page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://fortiguard.com/advisory/FG-IR-19-104
https://fortiguard.com/advisory/FG-IR-19-104

Products affected by CVE-2019-16154

Fortinet » Fortiauthenticator » Version: 6.0.0

cpe:2.3:a:fortinet:fortiauthenticator:6.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16154

Products

Pricing

Contact Us