CVE-2023-23775
published 2024-06-11CVE-2023-23775: Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and before 7.0.3 may…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and before 7.0.3 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortisoar | — | — |
| fortinet | fortisoar | — | — |
| fortinet | fortisoar | >= 7.0.0 < 7.2.1 | 7.2.1 |
| fortinet | fortisoar | 7.0.0 – 7.0.3 | — |