CVE-2025-46777 Information

Description

A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0 versions 7.2.0 through 7.2.5 and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-380