CVE-2025-52436 – Fortinet FortiSandbox Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-52436

Published : Feb. 10, 2026, 3:39 p.m. | 42 minutes ago

Description : An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to execute commands via crafted requests.

Severity: 7.9 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…