Loading
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
Use CWE-863, Fortinet vendor hub and Fortiproxy product page to widen CVE-2018-13382 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-24858, CVE-2025-59718 and CVE-2025-57740 for nearby disclosures in the same product family.