CVSSv3 Score:
6.2
An Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability [CWE-22] in FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS and FortiSandbox Cloud WEB UI may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests.
Revised on 2026-04-14 00:00:00
