Fortinet FortiAuthenticator XSS Vulnerability: Unauthorized Script Execution via CSRF Validation Failure
CVE-2018-9186 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header.
Learn more about our Cis Benchmark Audit For Fortinet.