The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
Bleeping Computer

MOVEit Transfer customers warned of new flaw as PoC info surfaces

Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi) flaw (tracked as CVE-2023-35708) was shared online today. The ...