An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the Description Area.
[
{
"product": "Fortinet FortiAnalyzer",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FortiAnalyzer 6.2.3, 6.2.2"
}
]
}
]