FortiAIOps – CSV Injection in export device inventory feature

Fortiguard Security Advisory

An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps may allow a remote authenticated attacker to execute arbitrary commands on a client’s workstation via poisoned CSV reports.


Leave a Reply

Your email address will not be published. Required fields are marked *