Search Results (62 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-15939 1 Fortinet 1 Fortisandbox 2024-11-21 4.3 Medium
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.
CVE-2018-1356 1 Fortinet 1 Fortisandbox 2024-11-21 N/A
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan component.