Cross-Site Request Forgery (CSRF) Vulnerability in Fortinet FortiAnalyzer

CVE-2013-6826 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks.

Learn more about our Cis Benchmark Audit For Fortinet.