4 matches found
CVE-2023-36633
An improper authorization vulnerability CWE-285 in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests...
Vulnerabilities fixed in Fortinet FortiMail
Fortinet has fixed vulnerabilities in FortiMail. A malicious party can exploit the vulnerability with reference CVE-2023-45582 exploited to gain brute-force access to the mail environment. The vulnerability with reference CVE-2023-36633 allows an authenticated malicious person to gain access to...
CVE-2023-36633
An improper authorization vulnerability CWE-285 in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests...
CVE-2023-36633
CVE-2023-36633 affects Fortinet FortiMail webmail (versions 7.2.0–7.2.2 and prior to 7.0.5). The issue is an improper authorization (CWE-285) that allows an authenticated attacker to see and modify the title of other users’ address book folders via crafted HTTP/HTTPS requests. Impact is limited t...