Fortra GoAnywhere MFT Improper Session Timeout Vulnerability Leading to SAML Login Redirection Issue

Vulnerability

A vulnerability exists in Fortra's GoAnywhere MFT versions prior to 7.10.0, where an improper session timeout allows SAML-configured Web Users to be redirected to the standard login page instead of the SAML login page. This could disrupt the login process for users relying on SAML authentication.

Impact

Exploitation of this vulnerability could cause SAML-authenticated users to be incorrectly directed to the regular login page, potentially leading to authentication issues.

Added: Apr 21, 2026, 3:43 PM
Updated: Apr 21, 2026, 3:43 PM

Vulnerability Rating

Custom Algorithm
spread: 3.4
impact: 0.6
exploitability: 6.2
remediation: 0.0
relevance: 6.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.