Fortinet FortiWebManager is a web application firewall from Fortinet, Inc. A cross-site scripting vulnerability exists in Fortinet FortiWebManager versions 6.2.3 and 6.0.2 and below, which stems from a lack of checksum filtering of user-supplied and output data, and can be exploited by attackers to The vulnerability injects malicious script tags through the name description comment parameter of each part of the device.