CVE-2023-47542
MEDIUMDescription
A improper neutralization of special elements used in a template engine [CWE-1336] in FortiManager versions 7.4.1 and below, versions 7.2.4 and below, and 7.0.10 and below allows attacker to execute unauthorized code or commands via specially crafted templates.
Is your site exposed to CVE-2023-47542?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortimanager |
| fortinet | fortimanager |
| fortinet | fortimanager |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2023-47542? +
How severe is CVE-2023-47542? +
What products are affected by CVE-2023-47542? +
How do I check if I'm vulnerable to CVE-2023-47542? +
Related Vulnerabilities
Craft CMS is a content management system (CMS). In versions 5.9.0 and above prior to 5.10.0, control panel users with …
Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input …
LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a …
FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email …
A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web …
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to …