CVE-2026-0971

MEDIUM CVSS 4.3 View on NVD ↗

Description

An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

References

https://fortra.com/security/advisories/product-security/fi-2025-013

Published: Apr 21, 2026 15:16 UTC Modified: Apr 21, 2026 16:20 UTC