PSIRT Advisory

Potential Cross Site Scripting Vulnerability in FortiDB

Summary

FortiDB does not sanitize user input properly under limited circumstances. The vulnerability could allow an attacker to inject malicious script code.

Description

FortiDB does not sanitize user input properly under limited circumstances. The vulnerability could allow an attacker to inject malicious script code.

Impact

Cross Site Scripting

Affected Products

FortiDB-2000B FortiDB-1000C FortiDB-400C

Solutions

Upgrade to FortiDB v4.4.2.

Acknowledgement

Benjamin Kunz Mejri of Vulnerability Laboratory Research Team