CVE-2023-36550
A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4…
A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4…
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 – 7.2.4 allows an attacker to execute unauthorized…
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login…
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to…
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 – 7.0.12, 7.2.0 – 7.2.5 and 7.4.0 allows an attacker…
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux…
An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0 allows a local attacker to access plaintext passwords in the RADIUS logs.…
An improper neutralization of special elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7,…
An improper access control vulnerability in Fortinet FortiOS 7.2.0 – 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted…
A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4…