SSD Advisory – Fortigate DHCP Stored XSS
Vulnerability SummaryThe following advisory describes a Stored XSS Vulnerability found in Fortinet’s Fortigate Firewall(FortiOS) via an unauthenticated DHCP packet.CVECVE-2019-6697CreditAn independent Security Researcher, Toshitsugu Yoneyama, has reported this vulnerability to SSD Secure Disclosure program.Affected systemsFortiOS v6.0.4 build 0231.Vendor ResponseFortigate has fixed the vulnerability in FortiOS version 6.2.2Vulnerability DetailsAn unauthenticated attacker can trigger a Stored XSS Vulnerability …
