| IR Number | FG-IR-22-260 |
| Date | Feb 16, 2023 |
| Severity |
Medium |
| CVSSv3 Score | 6.7 |
| Impact | Execute unauthorized code or commands |
| CVE ID | CVE-2023-22638 |
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiNAC - Multiple Stored and Reflected XSS
Summary
Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.
Solutions
Please upgrade to FortiNAC-F version 7.2.0 or above,
Please upgrade to FortiNAC version 9.4.2 or above