PT-2023-6426 · Fortinet · FortiSOAR

Published 2023-04-11 · Updated 2023-04-18 · CVE-2023-27995

CVSS v2.0

9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Fortinet FortiSOAR versions 7.3.0 through 7.3.1

Description

The issue is related to improper neutralization of special elements used in a template engine, which allows an authenticated, remote attacker to execute arbitrary code via a crafted payload. This can be achieved by exploiting errors in the template creation mechanism, which let the attacker load specially formed templates and execute arbitrary code.

Recommendations

For Fortinet FortiSOAR versions 7.3.0 through 7.3.1, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2023-07142
CVE-2023-27995

Affected Products

FortiSOAR