CVE-2024-21759 Information

Description

An authorization bypass through user-controlled key in Fortinet FortiPortal version 7.2.0 and versions 7.0.0 through 7.0.6 allows attacker to view unauthorized resources via HTTP or HTTPS requests.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-011