cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer prior to 5.0.5 does not properly validate the csrf_token parameter, which allows remote malicious users to perform cross-site request forgery (CSRF) attacks.
Vulnerable Product |
---|
fortinet fortianalyzer_firmware |
fortinet fortianalyzer-2000b - |
fortinet fortianalyzer-200d - |
fortinet fortianalyzer-4000b - |
fortinet fortianalyzer-3000d - |
fortinet fortianalyzer-1000d - |
fortinet fortianalyzer-300d - |