An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2018-06-27T20:00:00Z
Updated: 2024-09-16T16:33:16.372Z
Reserved: 2017-12-11T00:00:00
Link: CVE-2018-1355
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-06-27T20:29:04.933
Modified: 2019-03-08T13:46:47.527
Link: CVE-2018-1355
Redhat
No data.