A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlers
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-133 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T13:03:35
Updated: 2024-10-25T13:40:05.947Z
Reserved: 2021-07-06T00:00:00
Link: CVE-2021-36191
Vulnrichment
Updated: 2024-08-04T00:54:50.634Z
NVD
Status : Modified
Published: 2021-12-08T13:15:07.787
Modified: 2024-11-21T06:13:17.433
Link: CVE-2021-36191
Redhat
No data.