
PEACH
Un cadre d’isolation des locataires
CVE-2026-23573 is a Cross-Site Scripting (XSS) vulnerability in Fortinet's SSL-VPN Agentless component affecting FortiOS, FortiProxy, and FortiPAM. It was disclosed on July 14, 2026, via Fortinet's PSIRT advisory (FG-IR-26-150). Affected versions include FortiOS 7.6.0–7.6.6, FortiOS 7.4 and 7.2 (all versions), FortiPAM 1.0–1.8.0, and FortiProxy 7.4.0–7.4.3 and 7.2.0–7.2.9. The vulnerability carries a CVSS v3.1 base score of 6.1 (Medium) and was reported to Fortinet by the UK's National Cyber Security Centre (NCSC) under responsible disclosure (FortiGuard Advisory).
The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation — Cross-site Scripting) and resides specifically in the Agentless SSL-VPN component of the affected Fortinet products. An authenticated remote attacker can send crafted HTTP requests that inject malicious scripts into web pages generated by the SSL-VPN interface, potentially leading to code or command execution in the context of a victim's browser session. Exploitation requires user interaction (e.g., a victim clicking a malicious link or visiting a crafted page), and the vulnerability only has impact when the Agentless SSL-VPN feature is enabled (FortiGuard Advisory).
Successful exploitation allows an authenticated attacker to execute arbitrary code or commands in the context of another user's browser session via reflected XSS, resulting in low confidentiality and integrity impacts with no direct availability impact. The scope is changed (S:C), meaning the attack can affect resources beyond the vulnerable component itself, such as session tokens or credentials of other authenticated users. If the Agentless SSL-VPN feature is not enabled, there is no impact (FortiGuard Advisory).
<script> tag or event handler into a vulnerable input parameter processed by the Agentless SSL-VPN interface).<script>, javascript:, onerror=, onload=) in query parameters or form fields; unexpected outbound connections from client browsers to unknown external hosts after interacting with the SSL-VPN portal.Fortinet has released patched versions: FortiOS 7.6.7 or above (for 7.6.x users), FortiPAM 1.8.1 or above (for 1.8.0 users), FortiProxy 7.4.4 or above (for 7.4.x users), and FortiProxy 7.2.10 or above (for 7.2.x users). Users on FortiOS 7.4 or 7.2 (all versions) and FortiPAM versions prior to 1.8 should migrate to a fixed release. As a workaround, disabling the Agentless SSL-VPN feature entirely eliminates the attack surface, as the vulnerability only affects this specific component. A virtual patch named FG-VD-60129.0day is also available in FMWP database update 26.021 for environments that cannot immediately upgrade (FortiGuard Advisory).
The vulnerability was reported to Fortinet by the UK's National Cyber Security Centre (NCSC) under responsible disclosure, indicating coordinated handling prior to public release. Security news outlets such as CyberSecurityNews covered the disclosure as part of a broader Fortinet patch release addressing seven vulnerabilities across FortiOS, FortiProxy, FortiPAM, and FortiSandbox (CyberSecurityNews). No significant independent researcher commentary or social media controversy has been observed at this time.
Source: Ce rapport a été généré à l’aide de l’IA
Évaluation gratuite des vulnérabilités
Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.
Obtenez une démo personnalisée
"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."