Fortinet FortiOS 5.4.x < 5.4.6 / 5.6.x < 5.6.1 XSS (FG-IR-17-113)
Medium Nessus Plugin ID 104274
SynopsisThe remote host is affected by a cross-site scripting (XSS) vulnerability.
DescriptionThe version of Fortinet FortiOS running on the remote device is 5.4 prior to 5.4.6 or 5.6 prior to 5.6.1. It is, therefore, affected by a cross-site scripting (XSS) vulnerability in the FortiOS web GUI 'Login Disclaimer' redir parameter.
SolutionUpgrade to Fortinet FortiOS version 5.4.6 / 5.6.1 or later.