PT-2025-47448 · Fortinet · Fortiadc

Published: 2025-11-18 · Updated: 2025-11-19 · CVE-2025-58412

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Fortinet FortiADC 7.2 (all versions)
Fortinet FortiADC 7.4 (all versions)
Fortinet FortiADC 7.6.0 through 7.6.3
Fortinet FortiADC 8.0.0

Description

The software contains an improper neutralization of script-related HTML tags in a web page, leading to a basic cross-site scripting (XSS) condition. This may allow an attacker to execute unauthorized code or commands through a specially crafted URL. The issue affects the admin interfaces, potentially leading to session hijacking.

Recommendations

FortiADC version 7.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiADC version 7.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiADC versions 7.6.0 through 7.6.3: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiADC version 8.0.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

BDU:2026-05216
CVE-2025-58412

Affected Products

Fortiadc