CVE-2013-6826 Information

Description

cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter which allows remote attackers to perform cross-site request forgery (CSRF) attacks.

Reference

http://packetstormsecurity.com/files/123980/fortianalyzer-xsrf.txt http://www.securityfocus.com/bid/63663