Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiMail 多个跨站脚本漏洞
Vulnerability Description
FortiMail是当前最为灵活的邮件安全系统,可以保护和部署于各种邮件结构,过滤垃圾邮件。病毒和间谍软件,实现全面的防御体系。 基于FortiMail Identity-Based Encryption (IBE)应用上的Fortinet FortiMail 4.3.4之前的版本中的admin/FEAdmin.html中存在多个跨站脚本漏洞。通过(1)反垃圾邮件管理用户首选项下的黑名单中添加字段或(2)在反垃圾邮件部分中个人黑/白名单的用户名称,用户协助的攻击者利用该漏洞注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A