cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-22304,https://securityvulnerability.io/vulnerability/CVE-2022-22304,,An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.,Fortinet,Fortinet Fortiauthenticator Outlookagent,6.1,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2022-07-18T16:35:28.000Z,0
CVE-2021-26116,https://securityvulnerability.io/vulnerability/CVE-2021-26116,,An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.,Fortinet,Fortinet Fortiauthenticator,6.7,MEDIUM,0.0016799999866634607,false,false,false,false,,false,false,2022-04-06T16:00:51.000Z,0
CVE-2021-43068,https://securityvulnerability.io/vulnerability/CVE-2021-43068,,A improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the second factor of authentication via a RADIUS login portal.,Fortinet,Fortinet Fortiauthenticator,5.4,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2021-12-09T09:38:37.000Z,0
CVE-2021-43067,https://securityvulnerability.io/vulnerability/CVE-2021-43067,,"A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.",Fortinet,Fortinet Fortiauthenticator,8.3,HIGH,0.00482999999076128,false,false,false,false,,false,false,2021-12-08T11:22:39.000Z,0
CVE-2021-22124,https://securityvulnerability.io/vulnerability/CVE-2021-22124,,"An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.",Fortinet,"Fortinet Fortisandbox, Fortiauthenticator",7.5,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2021-08-04T18:18:25.000Z,0