CVE-2025-58412

Summary

A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3, FortiADC 7.4 all versions, FortiADC 7.2 all versions may allow attacker to execute unauthorized code or commands via crafted URL.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiADC8.0.0affected
FortinetFortiADC7.6.0 <= 7.6.3affected
FortinetFortiADC7.4.0 <= 7.4.9affected
FortinetFortiADC7.2.0 <= 7.2.8affected

Weaknesses

  • CWE-80: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References