CVE-2018-1354

CVE-2018-1354

An improper access control vulnerability in Fortinet FortiManager 6.0.0 and below versions, FortiAnalyzer 6.0.0 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.

Source: CVE-2018-1354