FortiSOAR - Server-side Template Injection in playbook execution


An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.

Version Affected Solution
FortiSOAR 7.4 Not affected Not Applicable
FortiSOAR 7.3 7.3.0 through 7.3.1 Upgrade to 7.3.2 or above


Internally discovered and reported by Boumediene Kaddour from System and Sales Team


2023-04-04: Initial publication

2023-04-12: Update Solutions and Acknowledgement