VYPR
Medium severity6.1NVD Advisory· Published Jun 27, 2018· Updated Jun 17, 2026

CVE-2018-1355

CVE-2018-1355

Description

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs.

Affected products

3
  • Range: <=5.6.5, 6.0.0
  • Range: <=5.6.5, 6.0.0
  • Fortinet, Inc./Fortinet FortiManager, FortiAnalyzerv5
    Range: FortiManager 6.0.0, 5.6.5 and below versions

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.