Vulnerabilities > Fortinet > Fortiddos F > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-25603 Overly Permissive Cross-domain Whitelist vulnerability in Fortinet Fortiadc and Fortiddos-F
A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.
network
low complexity
fortinet CWE-942
critical
 9.1
9.1