An improper neutralization of input during web page generation vulnerability (βCross-site Scriptingβ) [CWE-79] in FortiWLM may allow an authenticated attacker to perform a stored cross site scripting attack (XSS) via storing malicious payloads and trigger the attack on victimβs client via various endpoints.