PSIRT Advisories
FortiPortal - Device password exposure in audit log
Summary
An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface may allow a remote authenticated attacker to read other devices' passwords in the audit log page.