Known vulnerabilities in Fortinet, Inc FortiWeb 6.2.1

Vendor: Fortinet, Inc

Website: https://www.fortinet.com/

Total Security Bulletins: 21

Security bulletins (21)

Secuity bulletin	Severity	Status	Published
SB2023121849: Log injection in FortiWeb	Medium	Patched	18.12.2023
SB2023041322: Stored XSS in FortiWeb	Medium	Patched	13.04.2023
SB2023030947: Arbitrary file read in FortiWeb and FortiRecorder	Low	Patched	09.03.2023
SB2023021731: Multiple vulnerabilities in FortiWeb	Medium	Patched	17.02.2023
SB2023021704: Padding oracle in cookie encryption in FortiWeb	Low	Patched	17.02.2023
SB2023021682: Path traversal in FortiWeb API	Medium	Patched	16.02.2023
SB2023021685: Privilege escalation in FortiWeb CLI	Low	Patched	16.02.2023
SB2023021686: Session fixation in FortiWeb	Medium	Patched	16.02.2023
SB2023021687: Remote code execution in FortiWeb Proxyd	High	Patched	16.02.2023
SB2022090661: SQL injection in FortiWeb	Low	Patched	06.09.2022
SB2022020172: Multiple vulnerabilities in Fortinet FortiWeb	High	Patched	01.02.2022
SB2021120720: Information disclosure in FortiSandbox, FortiWeb and FortiADC	Medium	Patched	07.12.2021
SB2021090714: Buffer overflow in FortiWeb	Medium	Patched	07.09.2021
SB2021090713: Remote OS commands execution in FortiWeb	Medium	Patched	07.09.2021
SB2021081913: OS command injection in FortiWeb	Medium	Patched	19.08.2021
SB2021060119: Remote command execution in Fortinet FortiWeb	Medium	Patched Public exploit	01.06.2021
SB2021040618: Information disclosure in FortiWeb	Medium	Patched	06.04.2021
SB2021020334: XSS in Fortinet FortiWeb	Medium	Patched	03.02.2021
SB2021010515: SQL injection in Fortinet FortiWeb	High	Patched	05.01.2021
SB2021010514: Denial of service in Fortinet FortiWeb	Medium	Patched	05.01.2021
SB2021010513: Remote code execution in Fortinet FortiWeb	High	Patched	05.01.2021