Description
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
Affected products
- fortinet / Fortinet FortiWebFortiWeb 6.3.0 through 6.3.5 – FortiWeb 6.3.0 through 6.3.5
References
- VENDOR_ADVISORYhttps://www.fortiguard.com/psirt/FG-IR-20-123