CVE-2018-1356 | THREATINT

Description

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan component.

PUBLISHED Reserved 2017-12-11 | Published 2019-04-09 | Updated 2024-10-25 | Assigner fortinet

Problem types

Execute unauthorized code or commands

Product status

2.5.2

affected

2.5.1

affected

2.5.0

affected

2.4.1

affected

2.4.0

affected

References

fortiguard.com/advisory/FG-IR-18-024

www.securityfocus.com/bid/107838 (107838) vdb-entry

cve.org (CVE-2018-1356)

nvd.nist.gov (CVE-2018-1356)

Download JSON