Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the Organization V2Beta API endpoints. An attacker can access and modify data belonging to other organizations by bypassing authorization checks with administrator privileges for a...

CVE-2023-48783

An Authorization Bypass Through User-Controlled Key vulnerability CWE-639 affecting PortiPortal version 7.2.1 and below, version 7.0.6 and below, version 6.0.14 and below, version 5.3.8 and below may allow a remote authenticated user with at least read-only permissions to access to other...

PT-2024-13651 · Unknown · Portiportal

Name of the Vulnerable Software and Affected Versions: PortiPortal versions 7.2.1 and below PortiPortal versions 7.0.6 and below PortiPortal versions 6.0.14 and below PortiPortal versions 5.3.8 and below Description: The issue allows a remote authenticated user with at least read-only permissions...

Fortinet PortiPortal Security Vulnerability

Fortinet PortiPortal is a cloud-based multi-tenant portal from Fortinet, Inc. for security policy management and analysis. A security vulnerability exists in Fortinet PortiPortal version 7.2.1 and earlier, version 7.0.6 and earlier, version 6.0.14 and earlier, and version 5.3.8. An attacker could...