2 matches found
CVE-2024-31495
CVE-2024-31495 is a SQL injection due to improper neutralization of a special element in Fortinet FortiPortal. Affected: Fortinet FortiPortal 7.0.0–7.0.6 and 7.2.0. Impact: a privileged user can obtain unauthorized information via the report download functionality. Root cause is the improper hand...
CVE-2024-31495
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiPortal versions 7.0.0 through 7.0.6 and version 7.2.0 allows privileged user to obtain unauthorized information via the report download functionality...