Open Redirect Vulnerability in Fortinet FortiWeb Versions 6.4.1 and below, 6.3.15 and below

Open Redirect Vulnerability in Fortinet FortiWeb Versions 6.4.1 and below, 6.3.15 and below

CVE-2021-36191 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlers

Learn more about our Cis Benchmark Audit For Fortinet.