Fortinet updates web application firewall to protect against SQL injection, denial-of-service attacks
This vulnerability in the consumer interface of FortiWeb authorized an unauthenticated, remote attacker to execute arbitrary SQL queries or commands before it was fixed, an advisory from Fortinet admits.