A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with malicious parameter values.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-085 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-08-04T15:01:20
Updated: 2024-08-04T00:47:43.852Z
Reserved: 2021-07-06T00:00:00
Link: CVE-2021-36168
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-08-04T15:15:09.117
Modified: 2021-08-10T23:47:27.087
Link: CVE-2021-36168
Redhat
No data.