CVSSv3 Score:
9.1
An Improper Neutralization of Special Elements used in an OS Command (‘OS command injection’) vulnerability [CWE-78] in FortiSandbox may allow an unauthenticated attacker to execute unauthorized code or commands via crafted HTTP requests.
Revised on 2026-04-14 00:00:00
