CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-39812

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via <insert attack vector here>

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.8%

CVSS Severity

CVSS v3 Score 4.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-110

Products affected by CVE-2026-39812

Fortinet » Fortisandbox » Version: 4.2.0

cpe:2.3:a:fortinet:fortisandbox:4.2.0
Fortinet » Fortisandbox » Version: 4.2.1

cpe:2.3:a:fortinet:fortisandbox:4.2.1
Fortinet » Fortisandbox » Version: 4.2.2

cpe:2.3:a:fortinet:fortisandbox:4.2.2
Fortinet » Fortisandbox » Version: 4.2.3

cpe:2.3:a:fortinet:fortisandbox:4.2.3
Fortinet » Fortisandbox » Version: 4.2.4

cpe:2.3:a:fortinet:fortisandbox:4.2.4
Fortinet » Fortisandbox » Version: 4.2.5

cpe:2.3:a:fortinet:fortisandbox:4.2.5
Fortinet » Fortisandbox » Version: 4.2.6

cpe:2.3:a:fortinet:fortisandbox:4.2.6
Fortinet » Fortisandbox » Version: 4.2.7

cpe:2.3:a:fortinet:fortisandbox:4.2.7
Fortinet » Fortisandbox » Version: 4.2.8

cpe:2.3:a:fortinet:fortisandbox:4.2.8
Fortinet » Fortisandbox » Version: 4.4.0

cpe:2.3:a:fortinet:fortisandbox:4.4.0
Fortinet » Fortisandbox » Version: 4.4.1

cpe:2.3:a:fortinet:fortisandbox:4.4.1
Fortinet » Fortisandbox » Version: 4.4.2

cpe:2.3:a:fortinet:fortisandbox:4.4.2
Fortinet » Fortisandbox » Version: 4.4.3

cpe:2.3:a:fortinet:fortisandbox:4.4.3
Fortinet » Fortisandbox » Version: 4.4.4

cpe:2.3:a:fortinet:fortisandbox:4.4.4
Fortinet » Fortisandbox » Version: 4.4.5

cpe:2.3:a:fortinet:fortisandbox:4.4.5
Fortinet » Fortisandbox » Version: 4.4.6

cpe:2.3:a:fortinet:fortisandbox:4.4.6
Fortinet » Fortisandbox » Version: 4.4.7

cpe:2.3:a:fortinet:fortisandbox:4.4.7
Fortinet » Fortisandbox » Version: 4.4.8

cpe:2.3:a:fortinet:fortisandbox:4.4.8
Fortinet » Fortisandbox » Version: 5.0.0

cpe:2.3:a:fortinet:fortisandbox:5.0.0
Fortinet » Fortisandbox » Version: 5.0.1

cpe:2.3:a:fortinet:fortisandbox:5.0.1
Fortinet » Fortisandbox » Version: 5.0.2

cpe:2.3:a:fortinet:fortisandbox:5.0.2
Fortinet » Fortisandbox » Version: 5.0.3

cpe:2.3:a:fortinet:fortisandbox:5.0.3
Fortinet » Fortisandbox » Version: 5.0.4

cpe:2.3:a:fortinet:fortisandbox:5.0.4
Fortinet » Fortisandbox » Version: 5.0.5

cpe:2.3:a:fortinet:fortisandbox:5.0.5
Fortinet » Fortisandbox Cloud » Version: 22.2.4134

cpe:2.3:a:fortinet:fortisandbox_cloud:22.2.4134
Fortinet » Fortisandbox Cloud » Version: 23.1.4245

cpe:2.3:a:fortinet:fortisandbox_cloud:23.1.4245
Fortinet » Fortisandbox Cloud » Version: 23.1.4260

cpe:2.3:a:fortinet:fortisandbox_cloud:23.1.4260
Fortinet » Fortisandbox Cloud » Version: 23.3.4329

cpe:2.3:a:fortinet:fortisandbox_cloud:23.3.4329
Fortinet » Fortisandbox Cloud » Version: 23.3.4374

cpe:2.3:a:fortinet:fortisandbox_cloud:23.3.4374
Fortinet » Fortisandbox Cloud » Version: 23.4.4350

cpe:2.3:a:fortinet:fortisandbox_cloud:23.4.4350
Fortinet » Fortisandbox Cloud » Version: 23.4.4367

cpe:2.3:a:fortinet:fortisandbox_cloud:23.4.4367
Fortinet » Fortisandbox Cloud » Version: 23.4.4374

cpe:2.3:a:fortinet:fortisandbox_cloud:23.4.4374
Fortinet » Fortisandbox Cloud » Version: 24.1.4436

cpe:2.3:a:fortinet:fortisandbox_cloud:24.1.4436
Fortinet » Fortisandbox Cloud » Version: 5.0.4

cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.4
Fortinet » Fortisandbox Cloud » Version: 5.0.5

cpe:2.3:a:fortinet:fortisandbox_cloud:5.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-39812

Products

Pricing

Contact Us