CVSSv3 Score:
4.1
An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) [CWE-79] in FortiSIEM’s error page may allow a remote unauthenticated attacker to provide arbitrary data enabling a social engineering attack via spoofed URL parameters.
Revised on 2026-03-10 00:00:00
