CVE-2024-55593 Information

Description

A improper neutralization of special elements used in an sql command (‘sql injection’) in Fortinet FortiWeb versions 6.3.17 through 7.6.1 allows attacker to gain information disclosure via crafted SQL queries

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-465