← back
CVE-2018-9186

CVE-2018-9186

EPSS 0.8%
A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header.
Affected products
Fortinet, Inc. · FortiAuthenticator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-18-059http://www.securityfocus.com/bid/104371