An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.4 may allow a remote and authenticated malicious user to execute arbitrary code via a crafted payload.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortisoar |
||
fortinet fortisoar 7.2.0 |