CVE-2025-58412_CVE-2025-58412

4.2 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C

Description

A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3, FortiADC 7.4 all versions, FortiADC 7.2 all versions may allow attacker to execute unauthorized code or commands via crafted URL.

Basic Information

ID CVE-2025-58412

Source fortinet

Published Nov 19, 2025 at 09:49

Affected Product

Vendor Fortinet

Product FortiADC

Version 8.0.0

Affected Versions Fortinet FortiADC 8.0.0
Fortinet FortiADC 7.6.0
Fortinet FortiADC 7.4.0
Fortinet FortiADC 7.2.0

CWE Classification

CWE-80

References

fortiguard.fortinet.com /psirt/FG-IR-25-736

{
    "lastseen": "",
    "description": "A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3, FortiADC 7.4 all versions, FortiADC 7.2 all versions may allow attacker to execute unauthorized code or commands via crafted URL.",
    "published": "2025-11-19T09:49:04.525Z",
    "modified": "2025-11-19T09:49:04.525Z",
    "type": "cve",
    "title": "CVE-2025-58412",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-736",
    "id": "CVE-2025-58412",
    "bulletinFamily": "",
    "cwe": [
        "CWE-80"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiADC 8.0.0\nFortinet FortiADC 7.6.0\nFortinet FortiADC 7.4.0\nFortinet FortiADC 7.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiADC",
    "version": "8.0.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}