CVE-2017-7339

medium Fortinet
CVSS v3 Base Score
6.1
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
0.3%
Exploitation probability in 30 days
Top 47% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
Low
Integrity
Low
Availability
None
Published: May 27, 2017 (3274 days ago)
Last Modified: May 13, 2026
Vendor: Fortinet
Source: NVD

Description

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality.

CWE

CWE-79

Affected Products

fortinet fortiportal

References

🔗 fortiguard.com 🔗 fortiguard.com