CVE-2021-26092

Name of the Vulnerable Software and Affected Versions FortiOS versions 5.2.10 through 5.2.15 FortiOS versions 5.4.0 through 5.4.13 FortiOS versions 5.6.0 through 5.6.14 FortiOS versions 6.0.0 through 6.0.12 FortiOS versions 6.2.0 through 6.2.7 FortiOS versions 6.4.0 through 6.4.4 FortiProxy versions 1.2.0 through 1.2.9 FortiProxy versions 2.0.0 through 2.0.1

Description The issue is related to the failure to sanitize input in the SSL VPN web portal, which may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack. This can be achieved by sending a request to the error page with malicious GET parameters, such as malicious get parameter. The attack does not require authentication and can be performed remotely.

Recommendations For FortiOS versions 5.2.10 through 5.2.15, update to a version outside of this range to mitigate the risk. For FortiOS versions 5.4.0 through 5.4.13, update to a version outside of this range to mitigate the risk. For FortiOS versions 5.6.0 through 5.6.14, update to a version outside of this range to mitigate the risk. For FortiOS versions 6.0.0 through 6.0.12, update to a version outside of this range to mitigate the risk. For FortiOS versions 6.2.0 through 6.2.7, update to a version outside of this range to mitigate the risk. For FortiOS versions 6.4.0 through 6.4.4, update to a version outside of this range to mitigate the risk. For FortiProxy versions 1.2.0 through 1.2.9, update to a version outside of this range to mitigate the risk. For FortiProxy versions 2.0.0 through 2.0.1, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the error page in the SSL VPN web portal to minimize the risk of exploitation.