{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T20:08:52.716","vulnerabilities":[{"cve":{"id":"CVE-2019-6697","sourceIdentifier":"psirt@fortinet.com","published":"2025-03-17T14:15:16.567","lastModified":"2025-07-24T20:15:34.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet."},{"lang":"es","value":"Una vulnerabilidad de neutralización inadecuada de entrada que afecta a FortiGate versiones 6.2.0 a 6.2.1, 6.0.0 a 6.0.6 en el parámetro de nombre de host de un paquete DHCP en la página de monitoreo DHCP puede permitir que un atacante no autenticado en la misma red que FortiGate realice un ataque de cross site scripting (XSS) almacenado enviando un paquete DHCP manipulado."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.7","matchCriteriaId":"A06EF27A-27FD-4C4D-8773-5A6217C6A6DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.2.2","matchCriteriaId":"C41693AB-F242-42BC-91EE-70D4D0EC8B32"}]}]}],"references":[{"url":"https://fortiguard.com/advisory/FG-IR-19-184","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}