PSIRT Advisories

The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.

OpenRedirect in Malicious Generated PDF Document on FortiAnalyzer and FortiManager

An open redirect vulnerability exists in FortiAnalyzer and FortiManager when a user of the GUI is converting an HTML table to...

Jun 22, 2018 Risk

IR Number: FG-IR-18-022

FortiAnalyzer and FortiManager admin user avatar setting improper access control

An improper access control vulnerability exists in FortiAnalyzer and FortiManager, whereby a regular user of the GUI can edit...

Jun 22, 2018 Risk

IR Number: FG-IR-18-014

FortiManager XSS vulnerability when view config under Revision History

A potential Cross-site Scripting (XSS) vulnerability exists in FortiManager: Displayed data is not sanitized when an administrator...

Jun 22, 2018 Risk

IR Number: FG-IR-18-006

Refine RESET

PSIRT Advisories

Refine
RESET