CVE-2024-27783 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-070