PT-2026-33977 · Fortra · Goanywhere Mft
Published
2026-04-21
·
Updated
2026-04-21
·
CVE-2026-0971
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GoAnywhere MFT versions prior to 7.10.0
Description
An improper session timeout issue occurs where Web Users configured for SAML (Security Assertion Markup Language, an open standard for exchanging authentication and authorization data) are redirected to the regular login page instead of the SAML login page.
Recommendations
Update to version 7.10.0 or later.
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Goanywhere Mft