This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote host is affected by multiple vulnerabilities.
The remote host is running FortiWeb 4.x / 5.x prior to 5.0.3. It is,
therefore, affected by multiple vulnerabilities :
- FortiWeb is affected by a cross-site scripting
vulnerability due to a failure to sanitize
user-supplied input. (CVE-2014-1955)
- FortiWeb is affected by an unspecified HTTP header
injection vulnerability. (CVE-2014-1956)
- FortiWeb is affected by an unspecified privilege
escalation vulnerability. (CVE-2014-1957)
See also :
Upgrade to Fortinet FortiWeb 5.0.3 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true