PT-2026-32691 · Fortinet · Fortisandbox+1
Published
2026-04-14
·
Updated
2026-04-14
·
CVE-2026-39812
CVSS v3.1
4.8
Medium
| AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortisandbox
Fortisandbox Paas