A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.
CPE | Name | Operator | Version |
---|---|---|---|
fortiadc | eq | 7.1.0 | |
fortiadc | eq | 7.1.1 | |
fortiddos-f | eq | 6.4.0 | |
fortiddos-f | eq | 6.4.1 | |
fortiddos-f | ge | 6.3.0 | |
fortiddos-f | le | 6.3.4 |