Fortinet Fortiproxy vulnerabilities
122 known vulnerabilities affecting fortinet/fortiproxy.
Total CVEs
122
CISA KEV
12
actively exploited
Public exploits
7
Exploited in wild
8
Severity breakdown
CRITICAL17HIGH39MEDIUM63LOW3
Vulnerabilities
Page 7 of 7
CVE-2018-13380MEDIUMCVSS 6.1PoC≤ 1.2.8v2.0.02019-06-04
CVE-2018-13380 [MEDIUM] CWE-79 CVE-2018-13380: A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
nvd
CVE-2018-13383MEDIUMCVSS 6.5KEVfixed in 1.2.9v2.0.02019-05-29
CVE-2018-13383 [MEDIUM] CWE-787 CVE-2018-13383: A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
nvd
← Previous7 / 7