Known Vulnerabilities
CVE-2023-27995
A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload.
HIGH
CVSS 7.2
Published Apr 11, 2023
CVE-2023-25605
A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - 7.3.1 allows an attacker authenticated on the administrative interface to perform unauthorized actions via crafted HTTP requests.
HIGH
CVSS 7.5
Published Mar 07, 2023