CVE-2025-25257

⚠ KEVEPSS 26.2%

Fortinet FortiWeb SQL Injection Vulnerability

Added to CISA KEV: 7/18/2025

Description

Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.

Affected packages (0)

No package mapping in OSV.