Source |
Fortinet Vunerability |
Identifiant |
8412028 |
Date de publication |
2023-11-14 00:00:00 (vue: 2023-11-14 19:07:35) |
Titre |
Fortiadc & Fortiddos-F - CORS: Origine arbitraire fiable FortiADC & FortiDDoS-F - CORS: arbitrary origin trusted |
Texte |
A permissive cross-domain policy with untrusted domains (CWE-942) vulnerability in the API of FortiADC / FortiDDoS-F may allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.
A permissive cross-domain policy with untrusted domains (CWE-942) vulnerability in the API of FortiADC / FortiDDoS-F may allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests. |
Envoyé |
Oui |
Condensat |
/ fortiddos 942 actions allow api arbitrary attacker carry cors: crafted cross cwe domain domains fortiadc fortiddos information may origin out permissive policy privileged requests retrieve sensitive trusted unauthorized untrusted vulnerability web |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|