[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80130

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-7732

Date: (C)2017-10-27   (M)2017-12-07 


A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests.

CVSS Score: 4.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: NONE





Reference:
BID-101278
SECTRACK-1039584
https://fortiguard.com/psirt/FG-IR-17-099

CPE    32
cpe:/a:fortinet:fortimail:5.0.2
cpe:/a:fortinet:fortimail:5.0.1
cpe:/a:fortinet:fortimail:5.0.4
cpe:/a:fortinet:fortimail:5.2.2
...
CWE    1
CWE-79

© 2013 SecPod Technologies