VYPR
Unrated severityCISA KEVNVD Advisory· Published May 29, 2019· Updated Oct 21, 2025

CVE-2018-13383

CVE-2018-13383

Description

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.

Affected products

3
  • Range: <=2.0.0, <=1.2.8
  • Fortinet/Fortiosllm-fuzzy
    Range: <=6.0.4, <=5.6.10, <=5.4.12, <=5.2.14
  • Fortinet/Fortinet FortiOS and FortiProxyv5
    Range: FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.