FortiGate
FortiAnalyzer
FortiClient
FortiWeb
FortiADC
FortiAuthenticator
FortiCNP
FortiDDoS
FortiDeceptor
FortiEDR
FortiMail
FortiNDR
FortiPAM
FortiPolicy
FortiProxy
FortiRecon
FortiSandBox
FortiSASE
FortiSIEM
FortiTester
For both the and the tag, it is possible to inject parameter values that do not get escaped properly when the tag's resulting URLs are constructed and rendered. The following scenarios are known:
Apache Struts