CNNVD-202602-1626 Information
CNNVD ID
CNNVD-202602-1626
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
Fortinet FortiSandbox是美国飞塔(Fortinet)公司的一款APT(高级持续性威胁)防护设备。该设备提供双重沙盒技术、动态威胁智能系统、实时控制面板和报告等功能。 Fortinet FortiSandbox 5.0.0版本至5.0.1版本、4.4.0版本至4.4.7版本、4.2所有版本和4.0所有版本存在跨站脚本漏洞,该漏洞源于Web页面生成期间输入中和不当,可能导致执行命令。
Description (English)
Fortinet FortiSandbox is an APT (Advanced Continuing Threat) protection unit of Fortinet. The equipment provides dual sandbox technology, dynamic threat intelligence systems, real-time control panels and reporting. Fortinet FortiSandbox version 5.0.0 to version 5.0.1, version 4.4.0 to version 4.4.7, all version 4.2 and all version 4.0 have a cross-site script loophole, which originates from inappropriate input during web page generation and may lead to the execution of the command.
Vulnerability Type
跨站脚本
Affected Vendor
飞塔
Published
2026-02-10
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-093 https://access.redhat.com/security/cve/cve-2025-52436
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-093
Share on: