FortiWeb Multiple Vulnerabilities
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-13-009
Final
1
1
2014-02-13T00:00:00
Current version
2014-02-13T00:00:00
2014-02-13T00:00:00
FortiWeb 5.0.2 and lower are vulnerable to cross-site scripting (CVE-2014-1955), HTTP header injection (CVE-2014-1956) and privilege escalation (CVE-2014-1957) issues.
Script execution and privilege elevation.
FortiWeb 4.4.7 and lower.FortiWeb 5.0.2 and lower.
Upgrade to FortiWeb 5.0.3 or higher.
Robert van Hamburg of Intermax Security
FortiWeb Multiple Vulnerabilities
CVE-2014-1955
CVE-2014-1956
CVE-2014-1957
https://fortiguard.fortinet.com/psirt/FG-IR-13-009
FortiWeb Multiple Vulnerabilities
Reference>