CVE-2023-23781EPSS p48.3%

CVE-2023-23781CVE-2023-23781

fortinet / fortiweb

Description

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files.

Scoring

CVSS 6.4 ()
VectorCVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS0.70% probability of exploitation · percentile 48.3% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.