PSIRT Advisories

FortiPortal - XSS vulnerability

Summary

An improper neutralization of input during web page generation vulnerability (CWE-79) in FortiPortal GUI may allow a remote and unauthenticated attacker to perform an XSS attack via sending a crafted request with an invalid lang parameter or with an invalid org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE value.

Affected Products

FortiPortal 6.0.4 and below.
FortiPortal 5.3.5 and below.
FortiPortal 5.2.5 and below.
FortiPortal 5.1.2 and below.
FortiPortal 5.0.3 and below.
FortiPortal 4.2.4 and below.
FortiPortal 4.1.2 and below.
FortiPortal 4.0.4 and below.

Solutions

Please Upgrade to FortiPortal 6.0.5 or above.

Acknowledgement

Fortinet is pleased to thank Ben Knight from CyberCX for reporting this vulnerability under responsible disclosure.