4 matches found
CVE-2024-21761
An improper authorization vulnerability CWE-285 in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload...
CVE-2024-21761
An improper authorization vulnerability CWE-285 in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload...
CVE-2024-21761
An improper authorization vulnerability CWE-285 in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload...
CVE-2024-21761
FortiPortal suffers an improper authorization vulnerability (CWE-285) affecting FortiPortal versions 7.0.6 and below and 7.2.0. An attacker could download reports from other organizations by modifying the request payload. The issue is documented across multiple sources, with practical remediation...