From securityaffairs.co
One of the high-severity issues is a persistent XSS, tracked as CVE-2022-38374, in Log pages of FortiADC. The root cause of the issue is an improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC. A remote, unauthenticated attacker can trigger the flaw to perform a stored cross-site scripting (XSS) attack via HTTP fields observed in the traffic and event logviews.