Insecure Direct Object Reference in policy API Endpoint

Fortiguard Security Advisory

An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortiportal organization interface may allow an authenticated attacker to view resources of other organizations via HTTP or HTTPS requests.


Leave a Reply

Your email address will not be published. Required fields are marked *