This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote host is affected by a cross-site scripting vulnerability.
The version of Fortinet FortiOS running on the remote device is 5.0.x
or 5.2.x prior to 5.2.11. It is, therefore, affected by a stored
cross-site scripting (XSS) vulnerability due to improper validation of
user-supplied input to the 'global-label' parameter. An authenticated,
remote attacker can exploit this, via a specially crafted request, to
execute arbitrary script code in a user's browser session.
See also :
Upgrade to Fortinet FortiOS version 5.2.11 or later.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 2.9
Public Exploit Available : true