Improper Neutralization of Formula Elements in FortiAIOps by Fortinet
CVE-2024-27785
6.5MEDIUM
What is CVE-2024-27785?
A vulnerability exists in FortiAIOps version 2.0.0, where an improper neutralization of formula elements in CSV files could potentially allow a remote authenticated attacker to execute arbitrary commands on a client's workstation through maliciously crafted CSV reports. This issue underscores the need for stringent input validation and sanitization when processing user-generated data in CSV format.