An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload.

Related CVEs

CVE-2024-21761

Key Information

GHSA ID

GHSA-75c8-h7q2-4h5c

Published

March 12, 2024 3:32 PM

Last Modified

March 12, 2024 3:32 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 29, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.