Vulnerability Details CVE-2025-58412
A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3, FortiADC 7.4 all versions, FortiADC 7.2 all versions may allow attacker to execute unauthorized code or commands via crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.8%
CVSS Severity
CVSS v3 Score 4.7
Products affected by CVE-2025-58412
-
cpe:2.3:a:fortinet:fortiadc:7.2.0
-
cpe:2.3:a:fortinet:fortiadc:7.2.1
-
cpe:2.3:a:fortinet:fortiadc:7.2.2
-
cpe:2.3:a:fortinet:fortiadc:7.2.3
-
cpe:2.3:a:fortinet:fortiadc:7.2.4
-
cpe:2.3:a:fortinet:fortiadc:7.2.5
-
cpe:2.3:a:fortinet:fortiadc:7.2.6
-
cpe:2.3:a:fortinet:fortiadc:7.2.7
-
cpe:2.3:a:fortinet:fortiadc:7.2.8
-
cpe:2.3:a:fortinet:fortiadc:7.4.0
-
cpe:2.3:a:fortinet:fortiadc:7.4.1
-
cpe:2.3:a:fortinet:fortiadc:7.4.2
-
cpe:2.3:a:fortinet:fortiadc:7.4.3
-
cpe:2.3:a:fortinet:fortiadc:7.4.4
-
cpe:2.3:a:fortinet:fortiadc:7.4.5
-
cpe:2.3:a:fortinet:fortiadc:7.4.6
-
cpe:2.3:a:fortinet:fortiadc:7.4.7
-
cpe:2.3:a:fortinet:fortiadc:7.4.8
-
cpe:2.3:a:fortinet:fortiadc:7.6.0
-
cpe:2.3:a:fortinet:fortiadc:7.6.1
-
cpe:2.3:a:fortinet:fortiadc:7.6.2
-
cpe:2.3:a:fortinet:fortiadc:7.6.3
-
cpe:2.3:a:fortinet:fortiadc:8.0.0