A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
[
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "FortiOS versions 5.6.0 and earlier"
}
]
}
]