FortiOS stored XSS vulnerability in the policy global-label parameter

Summary

FortiOS is subject to a stored cross-site scripting (XSS) vulnerability caused by an improperly sanitized parameter in a hidden CLI configuration setting named 'global-label'. Exploitation requires an administrator account with write privileges.
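The root cause named above is a configuration value that reaches the web UI without being sanitized. The following is an added example, not Fortinet's code and not the FortiOS GUI, showing the general remedy for this class of bug: treat a stored label as untrusted text and HTML-encode it at the point where it is rendered, regardless of whether it was entered through the GUI or a hidden CLI setting. It also includes a small audit helper a defender could adapt to flag stored labels that contain HTML metacharacters. The policy objects, field names and sample label values are constructed for illustration.

```javascript
// Added example (not Fortinet's code): output-encode a configuration label
// before inserting it into HTML, the standard fix for stored XSS of the kind
// described in this advisory.

// Escape the characters that let a string break out of an HTML text node or
// quoted attribute value.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Render one policy row. The label is encoded unconditionally, so markup
// stored via any path (GUI, CLI, config restore) is shown as literal text.
function renderPolicyRow(policy) {
  return `<tr><td>${escapeHtml(policy.id)}</td>` +
         `<td class="label">${escapeHtml(policy.globalLabel)}</td></tr>`;
}

// Audit helper for defenders: a policy label has no legitimate need for HTML
// metacharacters, so their presence in stored configuration is worth review.
// Returns the ids of policies whose label contains such characters.
function suspiciousLabels(policies) {
  return policies
    .filter((p) => /[<>"'&]/.test(String(p.globalLabel)))
    .map((p) => p.id);
}

// Constructed sample configuration (hypothetical values, not from the advisory).
const samplePolicies = [
  { id: 1, globalLabel: 'Branch-Office' },
  { id: 2, globalLabel: 'Guest LAN <script>alert(1)</script>' },
];

if (typeof require !== 'undefined' && require.main === module) {
  for (const p of samplePolicies) console.log(renderPolicyRow(p));
  console.log('policies with suspicious labels:', suspiciousLabels(samplePolicies));
}
```

Running the block prints two table rows, the second with the injected tag rendered as `&lt;script&gt;...` rather than as live markup, and reports policy 2 as needing review. The encoding step must sit in the rendering layer, not in the CLI parser, because that is the only place that covers every path by which a value can enter the configuration.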

Affected Products

FortiOS versions 5.2.0 through 5.2.10
FortiOS 5.0 all versions
FortiOS version 4.3.x is NOT vulnerable


Solutions

Please upgrade to FortiOS version 5.2.11 or above.
Please upgrade to FortiOS version 5.4.0 or above.

Acknowledgement

Fortinet is pleased to thank Mohamed Keffous from CAP GEMINI/SOGETI for reporting this vulnerability under responsible disclosure.