CVSSv3 Score:
5.1
An improper neutralization of special elements used in an SQL command (‘SQL injection’) vulnerability [CWE-89] in FortiNDR may allow an authenticated attacker to execute arbitrary SQL commands on selected databases and tables via specifically crafted HTTP requests.
Revised on 2026-05-12 00:00:00
