Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiAnalyzer 跨站请求伪造漏洞
Vulnerability Description
Fortinet FortiAnalyzer是美国飞塔(Fortinet)公司的一套集中式网络安全报告解决方案。该方案主要用于收集网络日志数据,并通过报告套件对日志中的安全事件、网络流量、Web内容等进行分析、报告、归档操作。 Fortinet FortiAnalyzer 5.0.5之前的版本中的cgi-bin/module//sysmanager/admin/SYSAdminUserDialog中存在安全漏洞,该漏洞源于程序没有正确过滤‘csrf_token’参数。远程攻击者可利用该漏洞实施跨站请求伪造
CVSS Information
N/A
Vulnerability Type
N/A