Multiple XSS vulnerabilities in FortiSandbox WebUI
Description
The Web User Interface of FortiSandbox version 2.0.4 and below is vulnerable to multiple reflected Cross-Site Scripting vulnerabilities.5 potential XSS vectors were identified:
* Fortiview threats by users search filtered by serial
* Fortiview threats by users search filtered by vdom
* Export report feature in the Fortiview search page
* Screenshot download generated by the VM scan feature
* PCAP file download generated by the VM scan feature