CVE-2017-3125
- EPSS 0.59%
- Veröffentlicht 12.04.2017 15:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered ...
- EPSS 0.24%
- Veröffentlicht 14.04.2015 18:59:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.
CVE-2014-8617
- EPSS 0.3%
- Veröffentlicht 04.03.2015 19:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web scr...
CVE-2013-1471
- EPSS 4.9%
- Veröffentlicht 04.02.2013 19:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) t...