Cross-Site Scripting Vulnerability in Fortinet FortiAuthenticator
CVE-2018-9186
6.1MEDIUM
What is CVE-2018-9186?
A cross-site scripting vulnerability in Fortinet FortiAuthenticator enables attackers to execute arbitrary script code due to a failure in CSRF validation on the affected version's page. By manipulating the HTTP referer header, an attacker can inject malicious scripts, leading to potential unauthorized actions and data exposure.
Affected Version(s)
FortiAuthenticator below 5.3.0 versions