PSIRT Advisories
FortiOS -- XSS vulnerability in the Login page when FortiCloud Sign-in is used
Summary
An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS may allow a remote, unauthenticated attacker to launch a cross-site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked.
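The defect class described above (CWE-79, a redirect parameter reflected into the login page without neutralization) is generally mitigated in two layers: strict validation of the redirect target and HTML output encoding wherever it is reflected. The following Python is an added illustration of that pattern; it is hypothetical example code, not FortiOS source, and the function names, the form markup and the "redir" handling shown are assumptions, not the product's implementation.

```python
"""Illustrative mitigation for a reflected-XSS-prone redirect parameter.

Hypothetical example code, not FortiOS source: function names, markup and
the handling of "redir" are assumptions made for this illustration.
"""

import html
from urllib.parse import urlsplit

# Fallback used whenever the supplied redirect target is rejected.
DEFAULT_TARGET = "/"


def sanitize_redirect(redir, default=DEFAULT_TARGET):
    """Return a same-origin, absolute-path redirect target or the default.

    Rejects anything that carries a scheme (javascript:, http:, ...), a
    host (//host or /\\host protocol-relative forms), does not start with
    a single '/', or contains non-printable / non-ASCII characters (which
    could otherwise terminate an attribute or a response header).
    """
    if not isinstance(redir, str) or not redir:
        return default
    if not all(0x20 <= ord(c) < 0x7F for c in redir):
        return default
    try:
        parts = urlsplit(redir)
    except ValueError:  # e.g. malformed bracketed IPv6 authority
        return default
    if parts.scheme or parts.netloc:
        return default
    if not redir.startswith("/") or redir.startswith(("//", "/\\")):
        return default
    return redir


def render_login_page_unsafe(redir):
    """The vulnerable pattern: the parameter is reflected verbatim into the
    page, so a crafted value can break out of the attribute context."""
    return (
        '<form method="post" action="/login">\n'
        f'  <input type="hidden" name="redir" value="{redir}">\n'
        '  <button type="submit">Sign in with FortiCloud</button>\n'
        '</form>'
    )


def render_login_page(redir):
    """The hardened pattern: validate the target, then HTML-encode it for
    the attribute context (quote=True also encodes " and ')."""
    target = sanitize_redirect(redir)
    safe = html.escape(target, quote=True)
    return (
        '<form method="post" action="/login">\n'
        f'  <input type="hidden" name="redir" value="{safe}">\n'
        '  <button type="submit">Sign in with FortiCloud</button>\n'
        '</form>'
    )


if __name__ == "__main__":
    # Constructed sample inputs for a quick self-check.
    for sample in ["/dashboard?tab=1", "//attacker.invalid/x", "javascript:void(0)"]:
        print(repr(sample), "->", repr(sanitize_redirect(sample)))
    print(render_login_page('/a"><b>'))
```

Validation alone is not sufficient: a value such as `/a"><b>` is a syntactically valid path and passes `sanitize_redirect`, which is why the output encoding in `render_login_page` is the step that actually neutralizes it. The two layers address different risks (open redirect versus markup injection) and both are needed.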
Affected Products
FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.7
Solutions
Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.8 or above
Workaround:
Disable the "Sign in with FortiCloud" feature using the command below:
config system global
    set admin-forticloud-sso-login disable
end
and use other authentication methods to log in to FortiGate.