FortiWLM - Unauthenticated SQL Injection Vulnerability
Summary
An improper neutralization of special elements used in an sql command [CWE-89] in FortiWLM may allow a remote unauthenticated attacker to execute unauthorized sql queries via a crafted http request.
Solutions
Please upgrade to FortiWLM version 8.6.6 or abovePlease upgrade to FortiWLM version 8.5.5 or above