{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T05:48:50.104","vulnerabilities":[{"cve":{"id":"CVE-2019-5586","sourceIdentifier":"psirt@fortinet.com","published":"2019-06-04T22:29:00.237","lastModified":"2024-11-21T04:45:10.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"param\" parameter of the error process HTTP requests."},{"lang":"es","value":"Una vulnerabilidad reflejada de Cross-Site-Scripting (XSS) en Fortinet FortiOS 5.2.0 a 5.6.10, 6.0.0 a 6.0.4 bajo el portal web SSL VPN puede permitir que un atacante ejecute el código de script malicioso no autorizado mediante el parámetro \"param\" de las solicitudes HTTP de proceso de error."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.0","versionEndIncluding":"6.0.4","matchCriteriaId":"6D2FB321-696D-44AE-92A7-3A66B4ED4B19"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/108610","source":"psirt@fortinet.com"},{"url":"https://fortiguard.com/advisory/FG-IR-19-034","source":"psirt@fortinet.com","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/108610","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://fortiguard.com/advisory/FG-IR-19-034","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}