| IR Number | FG-IR-22-142 |
| Date | Feb 16, 2023 |
| Severity |
Medium |
| CVSSv3 Score | 4.7 |
| Impact | Unauthorized access to files |
| CVE ID | CVE-2023-23778 |
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiWeb - Path traversal via browse report CGI component
Summary
A relative path traversal vulnerability [CWE-23] in FortiWeb may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.
Affected Products
At least
FortiWeb version 7.0.0 through 7.0.1
FortiWeb 6.2 all versions
FortiWeb 6.4 all versions
FortiWeb 6.3 all versions
Solutions
Please upgrade to FortiWeb version 7.0.2 or above