Search
Search Results (23 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22124 | 1 Fortinet | 2 Fortiauthenticator, Fortisandbox | 2024-11-21 | 7.5 High |
| An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters. | ||||
| CVE-2019-16154 | 1 Fortinet | 1 Fortiauthenticator | 2024-11-21 | 6.1 Medium |
| An improper neutralization of input during web page generation in FortiAuthenticator WEB UI 6.0.0 may allow an unauthenticated user to perform a cross-site scripting attack (XSS) via a parameter of the logon page. | ||||
| CVE-2018-9186 | 1 Fortinet | 1 Fortiauthenticator | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header. | ||||