PSIRT

FortiOS/FortiProxy - SSL VPN portal is vulnerable to an XSS

Summary

Failure to sanitize input in the SSL VPN web portal may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.

Affected Products

FortiGate versions 5.6.13 and below.
FortiGate versions 6.0.12 and below.
FortiGate versions 6.2.7 and below.
FortiGate versions 6.4.5 and below.
FortiProxy version 2.0.0 through 2.0.1
FortiProxy version 1.2.0 through 1.2.9

Solutions

Please upgrade to FortiGate version 6.0.13 or above.
Please upgrade to FortiGate version 6.2.8 or above.
Please upgrade to FortiGate version 6.4.6 or above.
Please upgrade to FortiGate version 7.0.0 or above.

For new high-end F-Series Models (FG-1800F, FG-3800F, FG-4200F, FG-4400F) please upgrade to 6.2.9

Please upgrade to FortiProxy version 2.0.2 or above.
Please upgrade to FortiProxy version 1.2.10 or above.

Acknowledgement

Fortinet is pleased to thank Damian Rusinek for reporting this issue under responsible disclosure.

IR Number	FG-IR-20-199
Date	Jun 1, 2021
Component	GUI
Severity	Medium
CVSSv3 Score	4.6
Impact	Execute unauthorized code or commands.
CVE ID	CVE-2021-26092
CVRF	Download
Language

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

PSIRT

FortiOS/FortiProxy - SSL VPN portal is vulnerable to an XSS

Summary

Affected Products

Solutions

Acknowledgement

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

PSIRT

FortiOS/FortiProxy - SSL VPN portal is vulnerable to an XSS

Summary

Affected Products

Solutions

Acknowledgement

Threat Intelligence
Center