← back
CVE-2021-24014

CVE-2021-24014

CVSS 5.4 MEDIUMEPSS 0.6%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:X/RC:X
Affected products
Fortinet · Fortinet FortiSandbox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-20-209