Fortinet Fortiweb

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:fortinet,_inc.:fortinet_fortiweb:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorFortinet, Inc. (773fb5aa-3c05-572f-a299-a4d7a511c4a7)
ProductFortinet Fortiweb (022b1937-f35d-59ba-a112-4bcfa83d9a3e)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-7737 vulnerable 2026-06-03 14:37:37.982126 Details available
An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-in admin user to view SNMPv3 user password in cleartext in webui via the HTML source code.
Published: 2017-08-10T21:00:00.000Z
Updated: 2024-10-25T14:13:01.451Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7736 vulnerable 2026-06-03 14:37:37.980178 Details available
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
Published: 2017-11-22T17:00:00.000Z
Updated: 2024-10-25T14:10:30.990Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3129 vulnerable 2026-06-03 14:37:09.566131 Details available
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.
Published: 2017-05-26T22:00:00.000Z
Updated: 2024-10-25T14:13:52.020Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.