← Home
Reflected XSS in Operation Center
Source: fortinet / FG-IR-26-109
— original advisory
Published: 2026-04-14
· Last updated: 2026-04-14
· Vendor severity: Not rated by vendor
CVEs
| CVE | CVSS | CWE | Exploitation |
| CVE-2025-61886 |
4.9 |
CWE-79: Cross-Site Scripting (XSS) |
Not observed in the wild |
Affected Products
| Product | Affected versions | Fixed version |
| FortiSandbox |
5.0.4 |
Not specified by vendor |
| FortiSandbox |
5.0.3 |
Not specified by vendor |
| FortiSandbox |
5.0.2 |
Not specified by vendor |
| FortiSandbox |
5.0.1 |
Not specified by vendor |
| FortiSandbox |
5.0.0 |
Not specified by vendor |
| FortiSandbox PaaS |
5.0.4 |
Not specified by vendor |
| FortiSandbox PaaS |
5.0.3 |
Not specified by vendor |
| FortiSandbox PaaS |
5.0.2 |
Not specified by vendor |
| FortiSandbox PaaS |
5.0.1 |
Not specified by vendor |
| FortiSandbox PaaS |
5.0.0 |
Not specified by vendor |