4 matches found
CVE-2021-36172
An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file...
CVE-2021-36172
An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file...
CVE-2021-36172
CVE-2021-36172 affects Fortinet FortiPortal prior to 6.0.6. The issue is an XML External Entity (XXE) vulnerability in the XML response parser that can be exploited by an attacker who controls the XML report producer to trigger a denial of service or read arbitrary files from the underlying file ...
CVE-2021-36172
An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file...