[SSL VPN Portal] Reflected XSS via the error request

Summary

Failure to sanitize input in the SSL VPN web portal may allow a remote, unauthenticated attacker to perform a reflected cross-site scripting (XSS) attack by luring a victim into requesting the portal's error page with malicious GET parameters; the parameter value is reflected into the response and executes in the victim's browser in the portal's origin.
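To make the vulnerability class concrete, the following is an added illustration, not Fortinet's code and not the portal's actual handler: a minimal error-page renderer that reflects a GET parameter, first the vulnerable way and then with output encoding appropriate to an HTML text node. The hostname, the parameter name `msg`, the page layout and the attack URLs are assumptions constructed for the example only.

```python
"""Added illustration (not Fortinet code): reflecting a GET parameter into an
error page without encoding yields reflected XSS; HTML-entity encoding at the
point of output closes it. All names, paths and URLs here are assumptions."""
import re
from html import escape
from urllib.parse import parse_qs, urlsplit

# Hypothetical error page; the {msg} slot is an HTML text node.
ERROR_TEMPLATE = (
    "<html><body><h1>Error</h1><p>Request failed: {msg}</p></body></html>"
)

# Tag names the template itself emits; anything else in a rendered page
# must have come from the reflected parameter.
TEMPLATE_TAGS = set(re.findall(r"<([a-z0-9]+)", ERROR_TEMPLATE))


def params_from_url(url: str) -> dict:
    """Parse the query string of a request URL into {name: first_value}.
    parse_qs percent-decodes, so %3C becomes '<' exactly as a server would see it."""
    return {
        k: v[0]
        for k, v in parse_qs(urlsplit(url).query, keep_blank_values=True).items()
    }


def render_error_unsafe(url: str) -> str:
    """Vulnerable pattern: attacker-controlled 'msg' is placed into HTML verbatim."""
    msg = params_from_url(url).get("msg", "unknown error")
    return ERROR_TEMPLATE.format(msg=msg)


def render_error_safe(url: str) -> str:
    """Fixed pattern: entity-encode before inserting into an HTML text node.
    quote=True also encodes ' and " so the same helper is safe inside
    quoted attribute values."""
    msg = params_from_url(url).get("msg", "unknown error")
    return ERROR_TEMPLATE.format(msg=escape(msg, quote=True))


def injected_tags(html: str) -> set:
    """Tags present in the rendered page that the template never emits.
    Non-empty means the reflected input was parsed as markup."""
    return set(re.findall(r"<([a-z0-9]+)", html.lower())) - TEMPLATE_TAGS


# Constructed attack URLs a victim might be lured into opening.
SCRIPT_ATTACK = (
    "https://vpn.example.test/error"
    "?msg=%3Cscript%3Ealert(document.domain)%3C/script%3E"
)
IMG_ATTACK = (
    "https://vpn.example.test/error"
    "?msg=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"
)

if __name__ == "__main__":
    for url in (SCRIPT_ATTACK, IMG_ATTACK):
        print("unsafe:", injected_tags(render_error_unsafe(url)))
        print("safe:  ", injected_tags(render_error_safe(url)))
```

The fix is output encoding chosen for the context the value lands in: `html.escape` is right for a text node or a quoted attribute, but a value reflected into a JavaScript string, a URL or an unquoted attribute needs a different encoder, which is why the check above looks at the rendered page rather than at the input.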

Affected Products

FortiGate versions 5.6.13 and below.
FortiGate versions 6.0.12 and below.
FortiGate versions 6.2.7 and below.
FortiGate versions 6.4.5 and below.
FortiProxy version 2.0.0 through 2.0.1
FortiProxy version 1.2.0 through 1.2.9

Solutions

Please upgrade to FortiGate version 6.0.13 or above.
Please upgrade to FortiGate version 6.2.8 or above.
Please upgrade to FortiGate version 6.4.6 or above.
Please upgrade to FortiGate version 7.0.0 or above.
For the new high-end F-Series models (FG-1800F, FG-3800F, FG-4200F, FG-4400F), please upgrade to FortiGate version 6.2.9.
Please upgrade to FortiProxy version 2.0.2 or above.
Please upgrade to FortiProxy version 1.2.10 or above.

Acknowledgement

Fortinet is pleased to thank Damian Rusinek for reporting this issue under responsible disclosure.

Timeline

2021-06-01: Initial publication