We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2017-14190



Assignerfortinet
Reserved2017-09-07
Published2018-01-29
Updated2024-10-25

Description

A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.

Product status

5.6.0 to 5.6.2
affected

5.4.0 to 5.4.7
affected

5.2 and all earlier versions.
affected

References

http://www.securitytracker.com/id/1040284 (1040284) vdb-entry

http://www.securityfocus.com/bid/102779 (102779) vdb-entry

https://fortiguard.com/advisory/FG-IR-17-262

cve.org CVE-2017-14190

nvd.nist.gov CVE-2017-14190

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.