Reflected XSS Vulnerability in Fortinet FortiOS SSL VPN Web Portal

Reflected XSS Vulnerability in Fortinet FortiOS SSL VPN Web Portal

CVE-2019-5586 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.

Learn more about our Cis Benchmark Audit For Apple Ios.