XSS vulnerability in the UserID of Admin Users in FortiNAC
An improper neutralization of input vulnerability in FortiNAC may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.
FortiNAC version 8.7.2 and below.
Please upgrade to FortiNAC 8.7.3 or above.
Fortinet is pleased to thank Johnatan Camargo from Itaú Unibanco for reporting
this vulnerability under responsible disclosure.