EIP-2026-101279

PRE-CVE

Fortigate Firewall 2.x - listdel Admin Interface Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101279. PoCs published by Maarten Hartsuijker.

AI-analyzed exploit summary The provided text describes multiple cross-site scripting (XSS) vulnerabilities in the FortiGate Firewall web administrative interface. It includes example URLs demonstrating how malicious script code can be injected via URI parameters, potentially leading to credential theft.

Description

Fortigate Firewall 2.x - listdel Admin Interface Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED

by Maarten Hartsuijker · textremotehardware

https://www.exploit-db.com/exploits/23378

View Code ZIP pw:eip

The provided text describes multiple cross-site scripting (XSS) vulnerabilities in the FortiGate Firewall web administrative interface. It includes example URLs demonstrating how malicious script code can be injected via URI parameters, potentially leading to credential theft.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: FortiGate Firewall (version not specified)

No auth needed

Prerequisites: Victim must follow a malicious link

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026