CVE-2022-41334: Fortiguard

An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the “redir” parameter of the URL seen when the “Sign in with FortiCloud” button is clicked.


**PSIRT Advisories**

FortiOS – XSS vulnerability in the Login page when FortiCloud Sign-in is used

Summary

An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the “redir” parameter of the URL seen when the “Sign in with FortiCloud” button is clicked.
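To make the mechanism concrete, here is an added example that is not Fortinet's code and is not taken from the advisory: a generic login page that reflects a post-login `redir` parameter into its HTML, shown in its vulnerable form beside a hardened one. The function names, the form markup and the probe string are all assumptions for illustration; the advisory does not disclose how FortiOS generates the page. The hardened version does two things a reviewer should look for in any "return to this URL after sign-in" flow: it restricts the target to a same-origin absolute path (which also closes the open-redirect cousin of this bug) and HTML-attribute-encodes whatever it does emit.

```python
import html
from urllib.parse import urlsplit

# Constructed probe of the kind used to test a reflected redirect parameter.
# It is not a payload from the advisory.
PAYLOAD = '"><script>alert(document.domain)</script>'


def render_login_vulnerable(redir: str) -> str:
    """Login page that copies ?redir= into the markup without neutralizing it.

    Hypothetical CWE-79 illustration of a post-login redirect parameter;
    not FortiOS code.
    """
    return (
        '<form method="post" action="/login">'
        f'<input type="hidden" name="redir" value="{redir}">'
        '<button>Sign in</button></form>'
    )


def safe_redirect_target(redir: str, default: str = "/") -> str:
    """Accept only a same-origin absolute path; otherwise fall back to default.

    Rejects empty values, control characters, anything with a scheme or host
    (https://evil, javascript:), scheme-relative //host forms and backslashes,
    so the value can neither break out of the attribute context nor send the
    browser off-site after authentication.
    """
    if not redir or any(ord(c) < 0x20 for c in redir):
        return default
    parts = urlsplit(redir)
    if parts.scheme or parts.netloc:
        return default
    if not redir.startswith("/") or redir.startswith("//") or "\\" in redir:
        return default
    return redir


def render_login_hardened(redir: str) -> str:
    """Same page with the target validated and HTML-attribute-escaped.

    Validation limits what the value may be; html.escape(quote=True) makes
    sure that even an accepted path containing quotes cannot close the
    value="..." attribute.
    """
    target = html.escape(safe_redirect_target(redir), quote=True)
    return (
        '<form method="post" action="/login">'
        f'<input type="hidden" name="redir" value="{target}">'
        '<button>Sign in</button></form>'
    )


def reflects_unescaped(page: str, probe: str = PAYLOAD) -> bool:
    """Minimal check a scanner would apply: does the raw probe survive
    verbatim into the response body?"""
    return probe in page


if __name__ == "__main__":
    print("vulnerable:", render_login_vulnerable(PAYLOAD))
    print("hardened:  ", render_login_hardened(PAYLOAD))
```

Run it and the first line shows the probe breaking out of the `value` attribute into a live `<script>` element, while the second collapses the bogus target to `/`. Note that encoding alone is not enough for a redirect parameter: a well-formed `//attacker.example/` would survive `html.escape` untouched, which is why the allow-list on the URL shape comes first.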

Affected Products

FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.7

Solutions

Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.8 or above

Workaround:
Disable the "Sign in with FortiCloud" feature, which removes the affected sign-in flow from the login page, using the following CLI commands:

    config system global
        set admin-forticloud-sso-login disable
    end

and use another administrator authentication method to log in to the FortiGate.

Acknowledgement

Fortinet is pleased to thank Gabriel Ottoboni for reporting this vulnerability under responsible disclosure.
