Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists that can be exploited by attackers to execute stored cross-site scripting (XSS) attacks via URL parameters observed in FortiAnalyzerβs FortiWeb attack event log view.