Security Advisory

CVE-2020-29015

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-14 16:07:20

Last updated 2024-10-25 14:23:13

Assigner fortinet

State PUBLISHED

Description

A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.

← Browse all CVEs View on cve.org ↗