Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via the release parameter to module/releasecontrol.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiMail Web Action Quarantine Release Feature 跨站脚本漏洞
Vulnerability Description
Fortinet FortiMail是美国飞塔(Fortinet)公司的一款邮件信息安全设备,它提供信息过滤引擎、反垃圾邮件和威胁防御等功能。 Fortinet FortiMail的WebGUI中的Web Action Quarantine Release功能存在跨站脚本漏洞,该漏洞源于module/releasecontrol URI没有充分过滤‘release’参数。远程攻击者可利用该漏洞注入任意Web脚本或HTML。以下版本受到影响:Fortinet FortiMail 4.3.9之前版本,5.0.
CVSS Information
N/A
Vulnerability Type
N/A