Vulnerability Details CVE-2019-5586
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-5586
-
cpe:2.3:o:fortinet:fortios:5.2.0
-
cpe:2.3:o:fortinet:fortios:5.2.1
-
cpe:2.3:o:fortinet:fortios:5.2.10
-
cpe:2.3:o:fortinet:fortios:5.2.11
-
cpe:2.3:o:fortinet:fortios:5.2.12
-
cpe:2.3:o:fortinet:fortios:5.2.13
-
cpe:2.3:o:fortinet:fortios:5.2.14
-
cpe:2.3:o:fortinet:fortios:5.2.15
-
cpe:2.3:o:fortinet:fortios:5.2.2
-
cpe:2.3:o:fortinet:fortios:5.2.3
-
cpe:2.3:o:fortinet:fortios:5.2.4
-
cpe:2.3:o:fortinet:fortios:5.2.5
-
cpe:2.3:o:fortinet:fortios:5.2.6
-
cpe:2.3:o:fortinet:fortios:5.2.7
-
cpe:2.3:o:fortinet:fortios:5.2.8
-
cpe:2.3:o:fortinet:fortios:5.2.9
-
cpe:2.3:o:fortinet:fortios:5.4
-
cpe:2.3:o:fortinet:fortios:5.4.0
-
cpe:2.3:o:fortinet:fortios:5.4.1
-
cpe:2.3:o:fortinet:fortios:5.4.10
-
cpe:2.3:o:fortinet:fortios:5.4.11
-
cpe:2.3:o:fortinet:fortios:5.4.12
-
cpe:2.3:o:fortinet:fortios:5.4.13
-
cpe:2.3:o:fortinet:fortios:5.4.2
-
cpe:2.3:o:fortinet:fortios:5.4.3
-
cpe:2.3:o:fortinet:fortios:5.4.4
-
cpe:2.3:o:fortinet:fortios:5.4.5
-
cpe:2.3:o:fortinet:fortios:5.4.6
-
cpe:2.3:o:fortinet:fortios:5.4.7
-
cpe:2.3:o:fortinet:fortios:5.4.8
-
cpe:2.3:o:fortinet:fortios:5.4.9
-
cpe:2.3:o:fortinet:fortios:5.6.0
-
cpe:2.3:o:fortinet:fortios:5.6.1
-
cpe:2.3:o:fortinet:fortios:5.6.10
-
cpe:2.3:o:fortinet:fortios:5.6.11
-
cpe:2.3:o:fortinet:fortios:5.6.12
-
cpe:2.3:o:fortinet:fortios:5.6.13
-
cpe:2.3:o:fortinet:fortios:5.6.14
-
cpe:2.3:o:fortinet:fortios:5.6.2
-
cpe:2.3:o:fortinet:fortios:5.6.3
-
cpe:2.3:o:fortinet:fortios:5.6.4
-
cpe:2.3:o:fortinet:fortios:5.6.5
-
cpe:2.3:o:fortinet:fortios:5.6.6
-
cpe:2.3:o:fortinet:fortios:5.6.7
-
cpe:2.3:o:fortinet:fortios:5.6.8
-
cpe:2.3:o:fortinet:fortios:5.6.9
-
cpe:2.3:o:fortinet:fortios:6.0.0
-
cpe:2.3:o:fortinet:fortios:6.0.1
-
cpe:2.3:o:fortinet:fortios:6.0.2
-
cpe:2.3:o:fortinet:fortios:6.0.3
-
cpe:2.3:o:fortinet:fortios:6.0.4