What is CVE-2020-15937?

CVE-2020-15937 is a medium-severity vulnerability in Fortinet Fortios. CVSS score: 4.7/10. Published 2021-03-03.

How severe is CVE-2020-15937?

Medium severity. CVSS v3 base score is 4.7 out of 10.

Vulnerability in Fortinet Fortios

CVE-2020-15937

An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.

EPSS: 0.003 (50.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.7 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N.

Affected products

Fortinet Fortios — versions FortiOS 6.4.1, 6.2.5

References

fortiguard.com/advisory/FG-IR-20-068 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-15937?: CVE-2020-15937 is a medium-severity vulnerability in Fortinet Fortios. CVSS score: 4.7/10. Published 2021-03-03.
How severe is CVE-2020-15937?: Medium severity. CVSS v3 base score is 4.7 out of 10.