CVSSv3 Score: 2.6
An improper access control vulnerability [CWE-284] in FortiAuthenticator Web UI may allow an authenticated attacker with at least read-only admin permission to obtain the credentials of other administrators’ messaging services via crafted requests.
Revised on 2025-12-09 00:00:00
