PSIRT Advisories

FortiOS -- XSS vulnerability in the Login page when FortiCloud Sign-in is used


An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked.

Affected Products

FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.7


Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.8 or above

Disable "Sign in with FortiCloud" feature using the below command
config system global 
set admin-forticloud-sso-login disable

 and use other authentication methods to login to FortiGate.


Fortinet is pleased to thank Gabriel Ottoboni for reporting this vulnerability under responsible disclosure.