FortiSandbox is a web-based sandboxing solution used to analyze and contain malware. This vulnerability allows an attacker to perform cross-site scripting (XSS) attacks via crafted HTTP requests, potentially leading to unauthorized code execution or commands.
Affected versions: 5.0.2, 4.4.7 If you don't recognise this software, you're probably not affected.
Upgrade to FortiSandbox 5.0.3 or above from the Fortinet website.
- Alternatively, upgrade to FortiSandbox 4.4.8 or above for versions 4.4 and 4.2.
Immediate mitigations:
- Restrict network access to your FortiSandbox instance (firewall it from the public internet).
- Audit admin account activity for suspicious access patterns.
- Monitor for unauthorized token creation.