CVE-2015-0279: Expression Language Injection in FortiSIEM
Summary
An expression language injection vulnerability in FortiSIEM JBoss RichFaces library may allow a remote attacker to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.
Affected Products
FortiSIEM version 5.2.8 and below.
Solutions
Please upgrade to FortiSIEM version 5.3.0 or above.