Vulnerabilities > Fortinet > Fortiwlc > 8.4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-08 | CVE-2021-42758 | Incorrect Authorization vulnerability in Fortinet Fortiwlc An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions. | 9.0 |
2020-06-22 | CVE-2020-9288 | Cross-site Scripting vulnerability in Fortinet Fortiwlc An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile. | 3.5 |