PSIRT Advisory

Cross-site scripting (XSS) vulnerability via DHCP Hostname parameter

Summary

An attacker could send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in FortiAnalyzer and FortiManager (with FortiAnalyzer feature enabled).

Impact

Cross-site Scripting (XSS)

Affected Products

FortiAnalyzer 5.6.0 and below versions.
FortiManager 5.6.0 and below versions.

Solutions

Upgrade to FortiAnalyzer 5.6.1 or above.
Upgrade to FortiManager 5.6.1 or above.

Acknowledgement

Fortinet is pleased to thank Adrian Dabrowski of SBA Research gGmbH Sitz for reporting this vulnerability under responsible disclosure.