CVE-2020-29018

A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
References
Link Resource
https://www.fortiguard.com/psirt/FG-IR-20-123 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

Information

Published : 2021-01-14 04:15

Updated : 2021-01-20 08:52


NVD link : CVE-2020-29018

Mitre link : CVE-2020-29018

Products Affected
No products.
CWE
CWE-134

Use of Externally-Controlled Format String