A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows malicious user to use the device as proxy via crafted GET parameters in requests to error handlers
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb |
||
fortinet fortiweb 6.1.0 |
||
fortinet fortiweb 6.1.1 |
||
fortinet fortiweb 6.1.2 |
||
fortinet fortiweb 6.4.0 |
||
fortinet fortiweb 6.4.1 |