CVE-2018-1355
published 2018-06-27CVE-2018-1355: An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortianalyzer | <= 5.6.5 | — |
| fortinet | fortianalyzer | — | — |
| fortinet | fortianalyzer | — | — |
| fortinet | fortimanager | <= 5.6.5 | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortinet | — | — |
| fortinet | fortiview | — | — |