Auth Bypass via User-Controlled Key Vulnerability
CVE-2023-47543
8.1HIGH
What is CVE-2023-47543?
A vulnerability exists in Fortinet FortiPortal versions 7.0.0 through 7.0.3 that allows authenticated attackers to bypass authorization controls via user-controlled keys. This permits unauthorized interaction with resources of other organizations through crafted HTTP or HTTPS requests, potentially exposing sensitive information and disrupting services. Proper security measures and prompt updates are essential to mitigate this risk.
Affected Version(s)
FortiPortal 7.0.0 <= 7.0.3