Unrated severityCISA KEVNVD Advisory· Published May 29, 2019· Updated Oct 21, 2025
CVE-2018-13383
CVE-2018-13383
Description
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
Affected products
3- Range: <=2.0.0, <=1.2.8
- Fortinet/Fortinet FortiOS and FortiProxyv5Range: FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier
Patches
Vulnerability mechanics
References
2- fortiguard.com/advisory/FG-IR-18-388mitrex_refsource_CONFIRM
- fortiguard.com/advisory/FG-IR-20-229mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.