First published: Tue Apr 09 2024(Updated: )
An improper neutralization of special elements used in a template engine [CWE-1336] vulnerability in FortiManager provisioning templates may allow a local authenticated attacker with at least read-only permissions to execute arbitrary code via specially crafted templates.
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiManager | >=7.4.0<=7.4.1 | |
Fortinet FortiManager | >=7.2.0<=7.2.4 | |
Fortinet FortiManager | >=7.0.0<=7.0.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.