Information disclosure through diagnose debug commands in FortiWeb
An information exposure vulnerability in FortiWeb CLI may allow an authenticated user to view sensitive information being logged via diagnose debug commands.
FortiWeb 6.2.0 and below.
Please upgrade to FortiWeb 6.3.0, 6.2.1 or above.
Fortinet is pleased to thank Danilo Costa from PBI for reporting this vulnerability under responsible disclosure.