CVE-2013-1471
N/A
N/A
Summary
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.vulnerability-lab.com/get_content.php?id=701
- http://www.youtube.com/watch?v=5d7cIaM80oY
- http://www.fortiguard.com/advisory/FG-IR-013-001.html
References
- http://www.vulnerability-lab.com/get_content.php?id=701
- http://www.youtube.com/watch?v=5d7cIaM80oY
- http://www.fortiguard.com/advisory/FG-IR-013-001.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.