EPSS
Percentile
22.9%
A improper neutralization of input during web page generation (‘cross-site scripting’) [CWE-79] in FortiOS may allow a privileged attacker to perform a stored XSS attack via storing malicious payloads in replacement messages.