FortiSandbox - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters.
Affected Products
FortiSandbox 3.2.2 and below.FortiSandbox 3.1.4 and below.
Solutions
Upgrade to version 4.0.0Â or above.
Upgrade to version 3.2.3 or above.