CVE-2025-52436
Published: 10 February 2026
Description
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to execute commands…
more
via crafted requests.
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates XSS by filtering information outputs to neutralize malicious scripts from crafted requests during web page generation.
Prevents exploitation by validating all information inputs from unauthenticated crafted requests to block improper neutralization.
Remediates the specific XSS flaw in vulnerable FortiSandbox versions through identification, testing, and timely patching.
Security SummaryAI
CVE-2025-52436 is an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability (CWE-79) in Fortinet FortiSandbox. The affected versions include FortiSandbox 5.0.0 through 5.0.1, 4.4.0 through 4.4.7, 4.2 all versions, and 4.0 all versions. Published on 2026-02-10, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
An unauthenticated attacker can exploit the vulnerability via crafted requests, which requires user interaction. Successful exploitation may allow the attacker to execute commands, leading to high impacts on confidentiality, integrity, and availability.
Mitigation details are available in the Fortinet PSIRT advisory at https://fortiguard.fortinet.com/psirt/FG-IR-25-093.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a network-accessible (AV:N), unauthenticated (PR:N) XSS in a web management interface (FortiSandbox), directly enabling exploitation of a public-facing application to execute commands via crafted requests requiring user interaction.