mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
68 lines
2.1 KiB
JSON
68 lines
2.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@fortinet.com",
|
|
"DATE_PUBLIC": "2017-11-17T00:00:00",
|
|
"ID": "CVE-2017-7736",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Fortinet FortiWeb",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "FortiWeb 5.8.0, 5.7.1 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Fortinet, Inc."
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site Scripting (XSS)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://fortiguard.com/advisory/FG-IR-17-131",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://fortiguard.com/advisory/FG-IR-17-131"
|
|
},
|
|
{
|
|
"name": "101916",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/101916"
|
|
}
|
|
]
|
|
}
|
|
} |