Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

FortiWeb 5.x < 5.1.0 XSS



The remote host is affected by a cross-site scripting vulnerability.


The remote host is running FortiWeb 5.x prior to 5.1.0. It is, therefore, affected by a cross-site scripting vulnerability in the webUI due to a failure to sanitize user-supplied input to the 'filter' parameter in the '/user/ldap_user/add' script. An attacker could potentially exploit this vulnerability to execute arbitrary JavaScript in the context of the end-user's browser.


Upgrade to 5.1.0 or later.