FortiADC - Persistent XSS in Log pages
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via HTTP fields observed in the traffic and event logviews.
Affected ProductsFortiADC version 7.0.0 through 7.0.2
FortiADC version 6.2.0 through 6.2.3
SolutionsPlease upgrade to FortiADC version 7.1.0 or above
Please upgrade to FortiADC version 7.0.3 or above
Please upgrade to FortiADC version 6.2.4 or above