Reflected XSS in Operation Center
CVSSv3 Score: 4.9 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiSandbox and FortiSandbox Cloud may allow an attacker to perform an XSS attack via crafted HTTP requests. Revised on 2026-04-14 00:00:00
CSIRTS triage
- What
- There is a reflected XSS vulnerability that allows an attacker to perform an XSS attack via crafted HTTP requests.
- Who is affected
- Deployments of FortiSandbox and FortiSandbox Cloud.
- Urgency
- Remediation is necessary due to the potential for XSS attacks, which can lead to session hijacking or other malicious actions.
- Action
- Update to the latest version of FortiSandbox to mitigate this vulnerability.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch FortiSandbox
Get an email when a new FortiSandbox advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://fortiguard.fortinet.com/psirt/FG-IR-26-109
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2025-618860.27% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 19% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-61886 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for Reflected XSS in
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- unknownCVE-2026-10770: Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerabi…nvd · 2026-07-10
- mediumGHSA-r5xw-gcgw-hwp5: YesWiki Vulnerable to Reflected XSS via Unescaped `id` Parameter in Bazar Widget HTML Att…ghsa · 2026-07-09
- mediumGHSA-35f3-pg38-486f: YesWiki Vulnerable to Reflected XSS via Unescaped Archived-Revision `time` Parameter in `…ghsa · 2026-07-09
- mediumCVE-2026-5793: Improper neutralization of input during web page generation ('cross-site scripting') vulnerabil…nvd · 2026-07-09
- mediumCVE-2026-8310: Improper neutralization of input during web page generation ('cross-site scripting') vulnerabil…nvd · 2026-07-08
- highCVE-2026-57678: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabi…nvd · 2026-07-02
More from Fortinet FortiGuard PSIRT
- unknownSecond-Order OS Command Injection via JSON Input on start vnc feature2026-06-09
- unknownImproper access control in API endpoints2026-06-09
- unknownRestricted CLI escape using Lua2026-06-09
- unknownLinux Kernel vulnerability Dirty Frag2026-06-03
- unknownLinux Kernel Vulnerability copy.fail - CVE-2026-314312026-05-13