CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16156

An Improper Neutralization of Input vulnerability in the Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0, and 6.1.1 may allow a remote unauthenticated attacker to perform a Cross Site Scripting attack (XSS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2019-16156

Fortinet » Fortiweb » Version: 6.0.0

cpe:2.3:a:fortinet:fortiweb:6.0.0
Fortinet » Fortiweb » Version: 6.0.1

cpe:2.3:a:fortinet:fortiweb:6.0.1
Fortinet » Fortiweb » Version: 6.0.2

cpe:2.3:a:fortinet:fortiweb:6.0.2
Fortinet » Fortiweb » Version: 6.0.3

cpe:2.3:a:fortinet:fortiweb:6.0.3
Fortinet » Fortiweb » Version: 6.0.4

cpe:2.3:a:fortinet:fortiweb:6.0.4
Fortinet » Fortiweb » Version: 6.0.5

cpe:2.3:a:fortinet:fortiweb:6.0.5
Fortinet » Fortiweb » Version: 6.1.0

cpe:2.3:a:fortinet:fortiweb:6.1.0
Fortinet » Fortiweb » Version: 6.1.1

cpe:2.3:a:fortinet:fortiweb:6.1.1
Fortinet » Fortiweb » Version: 6.2.0

cpe:2.3:a:fortinet:fortiweb:6.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16156

Products

Pricing

Contact Us