FortiOS web GUI logindisclaimer redir parameter XSS vulnerability
Cross-site scripting (XSS)
Branch 5.6: FortiOS 5.6.0
Branch 5.4: FortiOS 5.4.0 to 5.4.5
Other branches are not affected
Branch 5.6: Upgrade to FortiOS 5.6.1 or above
Branch 5.4: Upgrade to FortiOS 5.4.6 or above.
Fortinet is pleased to thank Starhub Singapore and Andrew Ho, Maximus Consulting, and Donato Onofri of DXC Technology for reporting this vulnerability under responsible disclosure.