Medium severity 6.1 · NVD Advisory · Published May 31, 2018 · Updated Jun 17, 2026
CVE-2018-9186
Description
A cross-site scripting (XSS) vulnerability in the "CSRF validation failure" page of Fortinet FortiAuthenticator versions 4.0.0 to before 5.3.0 allows an attacker to execute unauthorized script code by injecting malicious scripts in the HTTP Referer header.
Affected products
- Range: >=4.0.0, <5.3.0
- Fortinet, Inc./FortiAuthenticator · v5 · Range: below 5.3.0 versions
References
- www.securityfocus.com/bid/104371 (nvd: Third Party Advisory, VDB Entry)
- fortiguard.com/advisory/FG-IR-18-059 (nvd: Vendor Advisory)