PT-2026-32654 · Fortinet · Fortisandbox+1

Published: 2026-04-14 · Updated: 2026-04-19 · CVE-2025-61886

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

FortiSandbox versions 5.0.0 through 5.0.4
FortiSandbox PaaS versions 5.0.0 through 5.0.4

Description

An improper neutralization of input during web page generation allows a remote attacker to perform cross-site scripting (XSS) attacks using specially crafted HTTP requests. XSS is a flaw where an application includes untrusted data in a web page without proper validation or escaping, allowing the execution of malicious scripts in the victim's browser.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

BDU:2026-05587
CVE-2025-61886

Affected Products

FortiSandbox
FortiSandbox PaaS