XSS vulnerability in the UserID of Admin Users in FortiNAC
Summary
An improper neutralization of input vulnerability in FortiNAC may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.
Affected Products
FortiNAC version 8.7.2 and below.
Solutions
Please upgrade to FortiNAC 8.7.3 or above.
Acknowledgement
Fortinet is pleased to thank Johnatan Camargo from Itaú Unibanco for reporting
this vulnerability under responsible disclosure.