{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T11:04:24.730","vulnerabilities":[{"cve":{"id":"CVE-2025-53608","sourceIdentifier":"psirt@fortinet.com","published":"2026-03-10T18:17:57.970","lastModified":"2026-03-12T21:18:33.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests."},{"lang":"es","value":"Una vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting') [CWE-79] vulnerabilidad en Fortinet FortiSandbox 5.0.0 hasta 5.0.2, FortiSandbox 4.4.0 hasta 4.4.7, FortiSandbox 4.2 todas las versiones, FortiSandbox 4.0 todas las versiones puede permitir a un atacante privilegiado autenticado ejecutar código a través de solicitudes manipuladas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.4.8","matchCriteriaId":"C0B145A7-83A1-4ED2-A9DC-109CAB0AB217"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.3","matchCriteriaId":"7A1CEA31-8309-4B13-8A3C-4830394A728D"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-091","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}