CVE-2024-46671 Information

Description

An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below version 7.4.6 and below version 7.2.10 and below version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-184