Vulnerabilities > Fortinet > Fortios > 5.0.9

DATE CVE VULNERABILITY TITLE RISK
2017-03-30 CVE-2016-7541 7PK - Security Features vulnerability in Fortinet Fortios
Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode.
network
high complexity
fortinet CWE-254
5.9
5.9
2016-04-08 CVE-2016-3978 Cross-site Scripting vulnerability in Fortinet Fortios
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
network
low complexity
fortinet CWE-79
6.1
6.1