4.3
CVE-2013-1471
- EPSS 4.9%
- Veröffentlicht 04.02.2013 19:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ Fortimail Updatemr3 Version <= 4.0
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version3.0 Updatemr2
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version3.0 Updatemr3
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version3.0 Updatemr4
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version3.0 Updatemr5
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version4.0
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version4.0 Updatemr1
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail Version4.0 Updatemr2
Fortinet ≫ Fortimail-2000b Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Fortinet ≫ Fortimail-200d Version-
Fortinet ≫ Fortimail-400c Version-
Fortinet ≫ Fortimail-5002b Version-
Fortinet ≫ Fortimail-vm2000 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.9% | 0.885 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.