2 matches found
PT-2025-3301 · Fortinet · Fortirecorder +1
Name of the Vulnerable Software and Affected Versions: FortiMail versions 6.4.0 through 6.4.7 FortiMail versions 7.0.0 through 7.0.6 FortiMail versions 7.2.0 through 7.2.4 FortiRecorder versions 6.4.0 through 6.4.4 FortiRecorder version 7.0.0 Description: An improper neutralization of special...
Cross site scripting
An improper neutralization of input during web page generation vulnerability CWE-79 in the Webmail of FortiMail before 7.2.0 may allow an unauthenticated attacker to trigger a cross-site scripting XSS attack via sending specially crafted mail messages...