CVE-2014-3115

Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.

Date published : 2014-05-08

http://www.kb.cert.org/vuls/id/902790

http://www.fortiguard.com/advisory/FG-IR-14-013/