Custom Error Pages Vulnerability in FortiPresence

Custom Error Pages Vulnerability in FortiPresence

CVE-2023-27998 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.

Learn more about our Web Application Penetration Testing UK.