Vulnerabilities > Fortinet > Fortianalyzer Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-31 | CVE-2014-2334 | Cross-Site Scripting vulnerability in Fortinet Fortianalyzer Firmware Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336. | 4.3 |
| 2013-11-20 | CVE-2013-6826 | Cross-Site Request Forgery (CSRF) vulnerability in Fortinet products cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks. | 6.8 |