FortiOS & FortiProxy - Stored XSS in guest management page

Summary

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in the FortiOS and FortiProxy GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via a crafted guest management setting.

Version          Affected                 Solution
FortiProxy 7.2   7.2.0 through 7.2.4      Upgrade to 7.2.5 or above
FortiProxy 7.0   7.0.0 through 7.0.10     Upgrade to 7.0.11 or above
FortiOS 7.4      Not affected             Upgrade to 7.4.0 or above
FortiOS 7.2      7.2.0 through 7.2.4      Upgrade to 7.2.5 or above
FortiOS 7.0      7.0.0 through 7.0.11     Upgrade to 7.0.12 or above
FortiOS 6.4      6.4.0 through 6.4.12     Upgrade to 6.4.13 or above
FortiOS 6.2      6.2.0 through 6.2.14     Upgrade to 6.2.15 or above
Follow the recommended upgrade path using our tool at: https://docs.fortinet.com/upgrade-tool

Acknowledgement

Internally discovered and reported by William Costa from Fortinet's CSE team.

Timeline

2023-09-01: Initial publication