FortiWeb - Insufficient protections against XSS and CSRF
A protection mechanism failure [CWE-693] vulnerability in FortiWeb may allow an attacker to bypass XSS and CSRF protections.
FortiWeb version 7.2.0 through 7.2.1
FortiWeb version 7.0.0 through 7.0.6
FortiWeb 6.4 all versions
FortiWeb 6.3 all versions
SolutionsPlease upgrade to FortiWeb version 7.2.2 or above
Please upgrade to FortiWeb version 7.0.7 or above