Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature.
http://fortiguard.com/advisory/fortiweb-path-traversal-vulnerability