CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-35851

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting (XSS) attack via configuring a specially crafted IP Address.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.2%

CVSS Severity

CVSS v3 Score 8.0

References

https://fortiguard.com/psirt/FG-IR-22-314
https://fortiguard.com/psirt/FG-IR-22-314

Products affected by CVE-2022-35851

Fortinet » Fortiadc » Version: 7.1.0

cpe:2.3:a:fortinet:fortiadc:7.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35851

Products

Pricing

Contact Us