CVE-2018-1354
CVE-2018-1354 is an improper access-control vulnerability in Fortinet FortiManager (versions 6.0.0 and 5.6.5 and below) and FortiAnalyzer (versions 6.0.0 and 5.6.5 and below) that allows a regular GUI user to edit another user’s avatar image with arbitrary content. The issue is due to access-cont...