FortiNAC - Stored XSS triggering RCE via license key forgery


An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC License Management would permit an authenticated attacker to trigger remote code execution via crafted licenses.

Affected Products

FortiNAC-F version 7.2.0
FortiNAC version 9.4.0 through 9.4.2
FortiNAC 9.2 all versions
FortiNAC 9.1 all versions
FortiNAC 8.8 all versions
FortiNAC 8.7 all versions


Please upgrade to FortiNAC-F version 7.2.1 or above
Please upgrade to FortiNAC version 9.4.3 or above


Fortinet is pleased to thank Ilya "E Liu Ha" Polyakov, Angara Security for bringing this issue to our attention under responsible disclosure.


2023-04-13: Initial publication