PSIRT Advisory

FortiADC Cross-Site Scripting Vulnerability

Description

The web administration interface on FortiADC D-series versions 3.2.0 and lower have a reflective cross-site scripting vulnerability in the locale parameter.

Impact

Cross Site Scripting

Affected Products

FortiADC D-series 3.2.0 and lower. This does not affect FortiADC E-series products.

Solutions

Upgrade to FortiADC D-series version 3.2.1 or higher.

Acknowledgement

William Costa