SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Fortinet FortiOS redir parameter cross site scripting attempt
This event is generated when an authenticated user injects arbitrary web code or HTML in the context of the victim's browser via the login redir parameter. Impact: Allows unauthorized modification Details: An URL Redirection Attack may also enable an authenticated user to redirect the victim to an arbitrary URL, via the redir parameter. The rule checks for these issues within the redir parameter. Ease of Attack: Medium; Authentication is required to exploit
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2017-14186 |
Loading description
|