Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.6 views

CVE-2021-27671

An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing for example Data: to be used in an attack...

6.1CVSS6AI score0.00686EPSS
Exploits0References1
0day.today
0day.today
added 2022/02/18 12:0 a.m.147 views

Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/fmlurlsvc/ Exploit Author: Braiant Giraldo Villa Contact: @ironfortress Twitter Vendor Homepage: https://www.fortinet.com/products/email-security Software Link:...

6.1CVSS6.3AI score0.12936EPSS
Exploits5
NVD
NVD
added 2022/02/02 11:15 a.m.36 views

CVE-2021-43062

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...

6.1CVSS0.12936EPSS
Exploits5References2
Prion
Prion
added 2022/02/02 11:15 a.m.21 views

Cross site scripting

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...

4.3CVSS6.5AI score0.12936EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2022/02/02 11:8 a.m.102 views

CVE-2021-43062

Summary: CVE-2021-43062 affects Fortinet FortiMail across multiple versions (7.0.1/7.0.0, 6.4.5 and below, 6.3.7 and below, 6.0.11 and below). It is a Cross-Site Scripting vulnerability caused by improper neutralization of input during web page generation, exploitable via crafted HTTP GET request...

6.1CVSS6.4AI score0.12936EPSS
Exploits5References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/02 11:8 a.m.13 views

CVE-2021-43062

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...

6.1CVSS7.4AI score0.12936EPSS
Exploits5References2
Cvelist
Cvelist
added 2022/02/02 11:8 a.m.34 views

CVE-2021-43062

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...

6.1CVSS6.8AI score0.12936EPSS
Exploits5References2
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.44 views

FortiMail - reflected cross-site scripting vulnerability in FortiGuard URI protection

An improper neutralization of input during web page generation vulnerability 'Cross-site Scripting' CWE-79 in FortiMail may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the FortiGuard URI protection service...

4.3CVSS1.4AI score0.12936EPSS
Exploits5Affected Software1
Rows per page
Query Builder