CVE-2019-16154
CVE-2019-16154
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 Jan 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An improper neutralization of input during web page generation in FortiAuthenticator WEB UI 6.0.0 may allow an unauthenticated user to perform a cross-site scripting attack (XSS) via a parameter of the logon page.
Affected products
Fortinet · FortiAuthenticator WEB UIWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →