CVE-2020-15940

Published: 2021-11-02T18:15Z

Last Modified: 2024-11-21T05:06Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt