CVE-2014-2336

CVE Database · CVE-2014-2336

CVE-2014-2336

· N/AModified

CVSS v3.1

N/A

EPSS

1.79%

Published

Oct 31, 2014

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.

Weaknesses (CWE)

CWE-79

Affected Products (2)

fortinet · fortimanagervulnerable

fortinet · fortianalyzer_firmwarevulnerable

References (8)

http://secunia.com/advisories/61309

http://www.fortiguard.com/advisory/FG-IR-14-033/

Vendor Advisory

http://www.securityfocus.com/bid/70889

https://exchange.xforce.ibmcloud.com/vulnerabilities/98479

http://secunia.com/advisories/61309

http://www.fortiguard.com/advisory/FG-IR-14-033/

Vendor Advisory

http://www.securityfocus.com/bid/70889

https://exchange.xforce.ibmcloud.com/vulnerabilities/98479

KEV Catalog EPSS Scores Vendors All CVEs