VYPR
Unrated severityNVD Advisory· Published Feb 4, 2013· Updated Jun 16, 2026

CVE-2013-1471

CVE-2013-1471

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:fortinet:fortimail:3.0:mr2:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:fortinet:fortimail:3.0:mr2:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:3.0:mr3:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:3.0:mr4:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:3.0:mr5:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.0:mr1:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:4.0:mr2:*:*:*:*:*:*
    • cpe:2.3:a:fortinet:fortimail:*:mr3:*:*:*:*:*:*range: <=4.0
    • (no CPE)range: <4.3.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.