March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – PHP Multiple Denial of Service Vulnerabilities
April 5, 2019Rewterz Threat Advisory – Google Chrome V8 Arbitrary Code Execution Vulnerability
April 5, 2019Rewterz Threat Advisory – PHP Multiple Denial of Service Vulnerabilities
April 5, 2019Rewterz Threat Advisory – Google Chrome V8 Arbitrary Code Execution Vulnerability
April 5, 2019
Severity
Medium
Analysis Summary
CVE-2018-1356
Input passed via the “back_url” parameter in the file scan component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
Impact
Cross Site Scripting
Affected Vendors
Fortinet
Affected Products
Fortinet FortiSandbox 2.x
Remediation
Upgrade to version 3.0.0 or later.