Metrics
Affected Vendors & Products
Configuration 1 [-]
|
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Fortinet
Subscribe
|
Fortisandbox
Subscribe
|
No advisories yet.
Solution
Upgrade to FortiSandbox version 5.0.3 or above Upgrade to FortiSandbox version 4.4.8 or above Fortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action.
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-26-091 |
|
Thu, 12 Mar 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* |
Thu, 12 Mar 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 10 Mar 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests. | |
| First Time appeared |
Fortinet
Fortinet fortisandbox |
|
| Weaknesses | CWE-79 | |
| CPEs | cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* |
|
| Vendors & Products |
Fortinet
Fortinet fortisandbox |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published:
Updated: 2026-03-12T14:28:29.842Z
Reserved: 2025-07-07T07:40:26.787Z
Link: CVE-2025-53608
Vulnrichment
Updated: 2026-03-12T14:28:25.917Z
NVD
Status : Analyzed
Published: 2026-03-10T18:17:57.970
Modified: 2026-03-12T21:18:33.917
Link: CVE-2025-53608
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-03-11T11:49:27Z